What  does  the  Avaya  deal  mean? 


Test  E-mail  archiving  software 


VoIP  migration  lessons 


The  sale  of  Avaya  is  just  the  latest  in  a  string  of  private- 
equity  technology  buyouts  that  just  might  not  mean  good 
things  for  customers.  PAGE  6. 
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Symantec’s  Enterprise  Vault  finds  what 
you’re  looking  for.  PAGE  27. 


How  Northwestern  University  made  the 
leap  from  TDM  to  IP  PBXs. 
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Net  management  tools 
lacking  IPv6  features 


BY  CAROLYN  DUFFY  MARSAN 

When  it  comes  to  network  management  software 
that  supports  IPv6,  buyers  should  be  wary 

An  increasing  number  of  network  monitoring  and 
management  tools  support  IPv6,  but  these  products 
often  don’t  include  the  full  set  of  features  available  in 
IPv4.  And  few  commercial  offerings  provide  the  extra 
capabilities  needed  for  IPv6,  an  upgrade  to  the  Inter¬ 
net’s  primary  protocol  that  has  a  new  addressing 
scheme,  built-in  autoconfiguration  and  end-to-end 
security  among  other  features. 

It’s  unclear  whether  enough  IPv6-ready  network 
management  functions  will  be  available  by  June 
2008,  when  U.S.  federal  agencies  are  required  to  turn 
on  IPv6  support  in  their  backbone  networks. 

“We  deployed  IPv6  many  years  ago,  and  from  a  net¬ 
work-centric  point  of  view,  there  are  still  some  basic 
things  that  aren’t  there  yet,”  says  Rick  Summerhill, 
director  of  network  research,  architecture  and  tech¬ 
nologies  for  Internet2,a  next-generation  network  run 
by  a  consortium  of  U.S.  universities. 

“We  rely  on  [Cisco]  NetFlow  to  analyze  what  goes 
on  in  our  network,  and  that  isn’t  there  yet  for  IPv6.  It’s 


little  things,  like  being  able  to  do  usage  on  our  inter¬ 
face,”  Summerhill  says,  pointing  out  that  both  routers 
and  network  management  software  are  missing  key 
features.“The  ability  to  analyze  your  network  in  some 
way  —  that’s  what’s  still  missing.” 

Summerhill  says  this  gap  in  the  ability  of  network 

See  Management,  page  33 

Vista  not  playing 
smoothly  with  IPv6 

BY  CAROLYN  DUFFY  MARSAN 

Early  adopters  of  Microsoft’s  Vista  operating  system 
are  reporting  problems  with  its  implementation  of 
IPv6,  a  long-anticipated  upgrade  to  the  Internet’s  pri¬ 
mary  protocol. 

IPv6  supports  a  128-bit  addressing  scheme,  which 
lets  it  support  an  order-of-magnitude  more  devices 
that  are  directly  connected  to  the  Internet  than  its 

See  Vista,  page  15 


Will  802.1  In  mean  fast  trouble  for  IT? 


BY  JOHN  COX 

Wireless  networks  might  be 
mainstream  across  the  enter¬ 
prise,  but  that 
doesn’t  mean 
they’re  no-brain- 
ers.  Here  we 
raise  and  attempt 
to  answer  some  of  the  thornier 
questions  you  still  might  be  deal¬ 
ing  with. 

How  will  high-throughput 
802.1  In  wireless  LANs  affect 
the  corporate  network? 

A  surprising  number  of  WLAN 
vendors  recently  have  announced 


enterprise  access  points  based 
on  the  draft  IEEE  802.1  In  stan¬ 
dard  that  promise  100M  to 
2  0  0  Mbps 
throughput  per 
frequency  band 
—  three  to  six 
times  the  through¬ 
put  of  today’s  802.1  lg  and  802.1  la 
networks. 

Whether  network  managers  opt 
for  the  draft  1 1  n  products,  certi¬ 
fied  interoperable  by  the  Wi-Fi 
Alliance,  or  wait  for  the  final  IEEE 
ratification  in  late  2008  or  early 
2009,  they  could  face  any  of 
these  four  issues:  overloading 


part  of  the  wired  infrastructure; 
overloading  existing,  older  WLAN 
switches;  forcing  an  upgrade  to 
higher-powered  Power  over  Eth¬ 
ernet  (PoE);  and  repositioning 
and  rewiring  some  existing  wire¬ 
less  access  points. 

Most  of  the  new  access  points 
will  come  with  one  or  two  Gigabit 
Ethernet  ports.” We’re  mostly  100 
meg  to  our  buildings,”  says 
Michael  Dickson,  network  analyst 
at  the  University  of  Massachusetts 
at  Amherst. “[For  1  In],  we’ll  need 
gigabit  switches  in  the  closet  with 
10-gigabit  uplinks.That’s  a  definite 
See  Wireless,  page  10 
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INFRASTRUCTURE  LOG 


_DAY  68:  The  business  climate  is  constantly  changing.  Our 
IT  environment  is  completely  rigid.  We  can’t  align  IT  to 
meet  the  larger  business  needs.  I  told  Gil  we  need  an  SO/ 
so  we  can  be  proactive  for  once. 

_DAY  70:  Gil  had  an  idea.  He  calls  it  a  GOA  (Gil  Oriented 
Architecture).  He  brought  in  a  bunch  of  contractors  over  the 
weekend  and  made  the  entire  office  “modular”  and  “flexible.” 
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_Gil  says  I  m  looking  at  the  new  standard  in  architecture 
I  say  I’m  looking  at  a  giant  habitrail.  We  need  help. 
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COOITOOLS 


Samsung's  UpStage  features  a  phone  on  one  side 
and  a  music  player  on  the  other.  Page  18. 
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Clear  Choice  Test:  , 

E-mail  archiving  software 


ig 

Symantec's  Enterprise  vault  finds  what 
you're  looking  for.  Page  27. 
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Critical  Windows  fixes  this  week 

■  Microsoft  will  release  six  sets  of  security  patches 
Tuesday  four  of  which  will  fix  critical  flaws  in  Windows. 
The  software  will  be  released  as  part  of  Microsoft’s  reg¬ 
ular  monthly  security  release.  Microsoft  also  is  planning 
less-critical  updates  for  Visio  and  Windows  Vista,  the 
company  says.The  critical  Windows  updates  fix  flaws  in 
Internet  Explorer,  Outlook  Express,  Windows  Mail  and 
other  core  components  of  the  operating  system. 
Microsoft  considers  an  update  critical  when  the  flaw 
could  be  used  by  an  attacker  to  run  unauthorized  soft¬ 
ware  on  the  victims  machine  remotely  theoretically 
leading  to  the  propagation  of  an  Internet  worm. 
Microsoft  is  slightly  ahead  of  its  2006  patch  rate.  By  June 
2006,  the  company  had  released  32  security  updates. 
With  these  six  updates,  the  June  2006  tally  will  be  35. 

GEO:  Xandros  doesn’t  violate  patents 

■  Xandros  CEO  Andreas  Typaldos  said  last  week  his 
company  did  not  agree  that  its  Linux  distribution  vio¬ 
lates  any  Microsoft  patents,  nor  did  the  software  giant 
ask  Xandros  to  do  so  as  part  of  the  patent  cross- 
licensing  deal  the  two  recently  signed.  But  he  said 
feedback  from  the  Linux  community  has  been  on  the 
order  of  “you  shouldn’t  really  be  talking  to  the  devil.” 
Typaldos  told  Network  World  that  at  no  time  did 
Microsoft  reveal  to  Xandros  (which  develops  Linux 
desktops,  servers  and  management  tools)  any  of  the 
235  patents  that  Microsoft  says  Linux  violates. 
Microsoft  has  yet  to  detail  publicly  the  specific 
patents  violated  by  Linux,  and  some  critics  think  the 
statement  is  a  smokescreen  to  undermine  the  open 
source  community. “We  did  not  discuss  patents  [with 
Microsoft]  and  we  don’t  think  Linux  violates  any 
patents,  and  we  were  not  asked  about  it,”  Typaldos 
said.“It  is  a  nonissue  for  us.” 

Ex-Alcatel  exec  pleads  guilty 

■  A  former  Alcatel  executive  has  pleaded  guilty  to  pay¬ 
ing  more  than  $2.5  million  in  bribes  to  secure  a  tele¬ 
phone  contract  with  Costa  Rica’s  state  telecommunica¬ 
tions  agency,  the  U.S.  Department  of  Justice  said  last 
week.  Christian  Sapsizian  pleaded  guilty  to  charges  of 
conspiracy  and  violating  the  U.S.  Foreign  Corrupt 
Practices  Act  at  the  U.S.  district  court  in  Miami.  He  is  set 
to  be  sentenced  Dec.  20  and  faces  a  maximum  of  10 
years  in  prison  and  $580,000  in  fines.  The  Justice 
Department  says  Sapsizian  admitted  to  paying  the 
bribes  to  a  director  at  Costa  Rica’s  Instituto 
Costarricense  de  Electricidad,  to  secure  mobile-phone 


TheGoodTheBadTheUgly 

<  Bono  bails  out  Palm. 

Palm's  financial  future  looked  a  little  more 
secure  as  private-equity  firm  Elevation 
Partners  said  it  will  pump  $325  million 
into  the  mobile-device  manufacturer. 
Elevation  is  a  $1.9  billion  private-equity 
firm,  and  one  of  its  five  partners  is  Bono, 
the  lead  singer  of  Irish  rock  band  U2,  The 
investment  In  Palm  is  by  far  the  largest 
the  firm  has  ever  made. 

What  e-discovery  rules?  Under  the  Federal  Rules  for 
Civil  Procedure  that  took  effect  Dec.  1, 2006,  businesses  have  to  have 
policies  in  place  on  how  they  will  produce  electronic  documents  they 
hold  in  the  event  of  a  federal  court  lawsuit.  But  Xiotech,  a  vendor  of 
file-management  technology,  said  that  in  a  survey  of  166  businesses 
conducted  in  March  and  April,  only  39%  said  they  had  a  system  in 
place  for  document  "holds,”  that  is,  demands  that  they  protect  impor¬ 
tant  information  from  being  deleted,  Less  than  25%  said  they  had 
taken  steps  to  comply  with  the  new  rules. 

Google  fingers  Microsoft  Web  software 

Must  be  breaking  Google's  hearts  to  report  this  finding:  Web  sites  run¬ 
ning  Microsoft's  Web  server  software  are  twice  as  likely  to  be  hosting 
malicious  code  as  other  Web  sites.  Last  month,  Google's  antimalware 
team  looked  at  70,000  domains  that  were  either  distributing  malware 
or  hosting  attack  code,  and  made  the  finding. 


contracts  for  his  company  Alcatel  eventually  was 
awarded  a  $149  million  mobile-phone  contract  in 
August  2001,  the  department  said. 

Study:  Data-breach  lessons  ignored 

■  While  78%  of  large  companies  say  their  databases  are 
“critical” or“important” to  their  business, 40%  don’t  mon¬ 
itor  them  for  security  purposes.  Those  are  the  primary 
results  of  a  Fbnemon  Institute  research  study  released 
last  week  that  surveyed  649  IT  executives.  Fifty-seven 
percent  of  the  executives  surveyed  admitted  their  orga¬ 
nizations  haven’t  taken  “adequate  measures”  to  protect 
against  malicious  insiders, and  55%  acknowledged  they 
had  no  adequate  measures  in  place  to  prevent  data 
loss.  Eighty  percent  of  the  executives  surveyed  said  their 
organizations  have  more  than  100  databases,  primarily 
multiplatform  environments  including  Microsoft  SQL, 
Oracle  and  IBM  DB2.The  most  critical  priorities  the  IT 
executives  cited  for  this  year  were  upgrading  existing 
applications,  consolidating  IT  and  improving  efficiency. 


■  CONTACT  US  Network  World,  118Turnpike  Road,  Southborough,  MA  01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438;  E-mail:  nwnews@nww.com; 
STAFF:  See  the  masthead  on  page  8  for  more  contact  information.  REPRINTS:  (717)  399-1900 


■  SUBSCRIPTIONS/CHANGE  OF  ADDRESS:  Phone:  (508)  490-6444;  Fax:  (508)  490-6400;  E-mail:  nwcirc@nww.  com;  URL  www.subscribenw.com 
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Take  back  control  of  your  inflexible  infrastructure  with  IBM 
SOA  solutions. 

IBM’s  innovative  approach  to  SOA  is  built  on  the  idea  of  combining  a 
flexible  business  with  flexible  IT- with  software,  hardware,  services  and 
partner  offerings  that  are  more  comprehensive  than  anyone  else’s,  yet 
surprisingly  easy  to  get  started  with. 


1 


When  you  build  an  SOA  with  IBM  solutions  like  WebSphere *  you  know 
you’re  building  a  modular,  flexible  IT  infrastructure  that’s  specifically  built 
for  business  change.  That’s  why  IBM  customers  across  every  industry  are 
seeing  revenue  growth  and  increased  business  flexibility. 

No  matter  where  you  are  in  your  adoption  lifecycle,  IBM  can  help.  Whether 
you  're  adding  components  to  your  SOA  or  building  your  infrastructure 
from  scratch.  But  don’t  take  our  word  for  it.  Take  the  word  of  the  3,600 
companies  who  are  seeing  results  from  IBM’s  comprehensive  yet 
uncomplicated  approach  to  SOA. 
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Avaya  buyout  comes  with  plenty  of  risk 

Private  equity  firms  seek  quick  profits,  diminishing  focus  on  products 


Equity  firms  like  tech 

Recently,  private  equity  firms  have  shown  more  interest  in 
snapping  up  technology  companies  —  traditionally  a  higher- 
risk  business  sector  than  these  investors  like  to  dabble  in. 

Date 

Company  bought 

Buyer 

Amount 

6/4/07 

Avaya 

TPG  Capital  and  Silver 

Lake  Partners 

$8.2  billion 

5/30/07 

CDW 

Madison  Dearborn 

Partners 

$7.3  billion 

5/21/07 

Alltel 

Goldman  Sachs  and  TPG 
Capital 

$27.5  billion 

5/16/07 

Acxiom 

Silver  Lake  Partners  and 
ValueAct  Capital 

$3  billion 

4/17/07 

Primax  Electronics 

Hong  Chuan  Investment 

$250  million 

4/5/07 

Rrst  Data  Corp. 

Kohlberg,  Kravis,  Roberts 
&Co. 

$29  billion 

BY  TIM  GREENE 
AND  PHIL  HOCHMUTH 

The  sale  of  Avaya  is  the  latest  in 
an  increasing  number  of  private 
equity  buyouts  of  technology 
companies  that  might  not  be 
good  things  for  customers. 

The  $8.2  billion  deal  an¬ 
nounced  last  week  will  take  the 
company  private  and  likely  come 
with  financial  burdens  that  could 
sap  the  market-leading  seller  of 
corporate  telecom  gear  of  money 
needed  to  keep  the  company’s 
edge,  experts  say 

“When  private  equity  shows  up 
it’s  more  about  financial  engineer¬ 
ing  than  it  is  about  sort  of  prod¬ 
ucts  and  synergies  and  those  sorts 
of  things,”  says  Samuel  Wilson,  an 
analyst  with  JMP  Securities. 

“Typically  these  deals  load  the 
company  up  with  debt  with  sig¬ 
nificant  restraints  on  operations 
and  cash  flow  and  demands  for  a 
better  output,”  says  Francis 
Mclnemey  managing  director  of 
North  River  Ventures.  “Technology 


development  falls  off  because 
cash  flow  goes  somewhere  else.” 

Over  the  past  year,  private  equity 
firms  seem  to  be  buying  up  more 
technology  companies,  such  as 
Avaya,  Agilent  Technologies,  Alltel, 
First  Data,  CDW  Acxiom  and 
Primax  Electronics  to  name  a  few. 

The  good  news  is  that  if  things 
do  go  awry  they  usually  happen 
slowly  and  they  don’t  send  prod¬ 
ucts  or  services  into  a  tailspin.“It 
could  be  slow  at  first.  It  could  be 
imperceptible,”  Mclnemey  says. 

Technology  companies  are 
regarded  as  iffy  investments 
because  the  products  and  the 
markets  are  so  complex,  experts 
say  But  with  an  abundance  of 
money  to  invest,  the  equity  firms 
are  willing  to  take  more  risks,  he 
says.  “It  shows  desperation  on  pri¬ 
vate  equity’s  part  looking  for 
deals,  and  at  some  point  you  run 
out  of  the  deals  private  equity  ide¬ 
ally  looks  for,”  Mclnemey  says. 

That  fact  pushes  the  equity 
firms  to  take  risks  that  more  con¬ 


servative  investors  would  avoid. 
“It  doesn’t  surprise  me,”  Wilson 
says.  “In  this  market,  with  private 
equity,  nothing  that  they  do  sur¬ 
prises  me. They’re  sort  of  willing 
to  do  anything.” 

Technology  buys  require  spe¬ 
cialized  business  talents,  he  says. 
“You’d  better  know  what  you’re 
doing,  because  these  businesses 
can  have  enormous  operational 
problems.  It’s  not  like  you’re  buy¬ 
ing  something  that  pumps  oil  and 
there’s  always  going  to  be  a  mar¬ 
ket  for  oil.” 

Once  tech  firms  are  taken  pri¬ 
vate,  the  goal  for  investors  is  to 
make  money  on  the  deal  quickly, 
Mclnemey  says.  “Have  you  seen 
the  show  ‘Flip  This  House’”?  It’s 
like  that,”  he  says. 

What  equity  firms  do  can  vary 
and  it’s  more  difficult  to  track 
because  the  company  becomes 
private  and  is  no  longer  subject  to 
public  stockholder  scmtiny“There 
are  things  they  can  do  out  of  the 
public  eye,  which  is  true  —  big 


public  companies  have  a  hard 
time  doing, ’’Wilson  says.“They  can 
sort  of  clean  it  up, jazz  it  up,  maybe 
do  an  acquisition  or  two,  then 
maybe  bring  the  company  back 
public  again.” 


The  problem  with  that  is  some¬ 
times  what  the  companies  need 
to  gain  value  falls  into  areas 
where  equity  firms  are  weak, 
Mclnemey  says.  “The  problem 
with  private  equity  guys  as  a  rule 
is  that  very  few  of  them  have  run 
businesses,”  he  says.  “Most  have 
never  had  profit  and  loss  them¬ 
selves,  and  there’s  not  a  lot  of 
operational  expertise.” 

In  the  case  of  Avaya,  for  exam¬ 
ple,  Mclnemey  believes  the  com¬ 
pany  needs  to  shorten  the  time  it 
takes  for  customers  to  pay  for  gear 
once  they’ve  received  it.That  gen¬ 
erally  indicates  that  the  vendor 
isn’t  doing  enough  for  its  cus¬ 
tomers,  but  addressing  the  prob¬ 
lem  can  take  many  forms. 

For  instance,  the  problem  might 
be  with  products,  sales  teams  and 
management  of  major  accounts. 
Solving  the  problem  requires  nuts- 
and-bolts  business  analysis  and 
reform.“I  just  don’t  see  how  private 
equity  could  solve  that,”  he  says.  ■ 
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VoIP  event 

Managed  well,  it  makes  your  enterprise  a 
lean,  mean,  productive  machine. 
Mishandled,  it  has  the  potential  to  com¬ 
promise  every  core  value.  Learn  right 
from  wrong.  Join  us  at  IT  Roadmap: 

Santa  Clara,  June  26.  Qualify  at: 

www.nwdocrmder.com/8122 


What  Avaya  going  private  means  to  you 


Company  says  it  will 
be  more  nimble;  dras¬ 
tic  change  not 
expected  near-term 

BY  PHIL  HOCHMUTH 

Here’s  what  Avaya  going  private  means  to 
users  of  its  technology,  and  the  market. 

Why  would  Avaya  want  to  go  private? 

Analysts  say  the  move  was  good  business. 
Avaya’s  stock  price  grew  28%  from  the  time 
rumors  began  of  a  buyout  deal  two  weeks 
ago.  Overall,  Avaya’s  stock  at  the  time  of  the 
sale  was  up  around  40%  since  April. 

“[Avaya]  is  just  trying  to  figure  out  what 
would  bring  the  most  value  for  their  share¬ 
holders,”  says  Samuel  Wilson,  an  analyst  with 
JMP  Securities. 

“One  of  the  problems  that  [Avaya]  has 
chronically  had  is  no  sex  appeal,”Wilson 
says.That’s  kind  of  how  investors  have 
always  thought  about  it  —  it’s  no  fun.” 

How  would  a  private  equity  buyout  affect  users? 

Organizations  with  heavy  investments  in 
Avaya  say  they  are  not  concerned  about  near- 
term  consequences  of  a  buyout.  But  long¬ 


term  plans  may  hinge 
on  what  happens  to 
the  firm  if  it  decides 
to  do  a  makeover  of 
itself  under  private 
equity  management. 

“I  wouldn’t  antici¬ 
pate  any  short-term  changes  because  the 
Avaya  product  line  is  so  strong,”  says  Scott 
Mah,  assistant  vice  president  for  IT  infrastruc¬ 
ture  at  the  University  of  Washington  in 
Seattle,  a  large  Avaya  shop.  A  major  TDM 
product  end-of-life  or  a  strategic  refocus  on 
Avaya’s  part  could  mean  the  organizations 
would  go  with  another  provider  of  both  TDM 
and  VoIP  technology“It’s  something  we’ll 
have  to  do  due  diligence  on”  if  something 
does  happen,  he  says. 

What  plans  do  the  private  equity  buyers  have  for 
Avaya? 

While  the  company  will  be  run  differently 
under  private  ownership,  Avaya  COO 
Michael  Thurk  says  drastic  changes  are 
unlikely 

“What  both  Silver  Lake  and  TPG  have  con¬ 
veyed  to  us  [is  that]  they  look  into  the  tech¬ 
nology  industry  for  companies  that  have 
strong  propositions  with  their  customer  base 
and  their  product  lines, "Thurk  says.“They’re 


very  committed  to  supporting  our  continued 
growth  and  providing  long-term  opportuni¬ 
ties  for  the  employees,  as  well  as  opportuni¬ 
ties  for  new  product  lines  for  our  customers.” 

What  could  change  inside  Avaya? 

Thurk  says  the  company  will  be  more  nim¬ 
ble  under  private  ownership,  which  will  help 
it  serve  customers. 

“We  think  the  company  has  an  opportuni¬ 
ty  to  be  even  more  responsive  to  our  cus¬ 
tomers,  to  act  quite  quickly  and  respon¬ 
sively  with  respect  to  actions  we  can  take 
within  the  company”  he  says.”There  are 
times,  for  example,  [where]  investments 
can  be  made  in  a  private  environment  for 
the  long  term  that  are  more  difficult  to  do 
when  under  quarter-to-quarter  pressures”  as 
a  public  company. 

By  going  private,  JMP’s  Wilson  says,  Avaya 
could  “do  some  things  out  of  the  public  eye” 
to  revamp  itself  as  a  more  streamlined, 
appealing  company  for  investors.  Slashing 
the  company’s  legacy  TDM  business  or  sell¬ 
ing  it  off  is  one  potential  move. 

“They’re  supporting  two  product  lines  — 
legacy  TDM  products  and  next-generation  IP 
products,”Wilson  says.“They  need  to  ramp 
down  all  support,  and  end-of-life  the  TDM 
stuff  and  focus  on  purely  on  1PH 
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This  little  server  went  to  a 
Fortune  500  company. 


This  little  server  can  have  up  to  four 
hot-swap  SAS  and  SATA  II  hard  drives 


I  This  little  server  earned  the  Best  of  FOSE  2007 
Award  and  makes  a  rack  its  home. 


This  little  server  offers  zero  MTBF 
—  none. 


r  And  this  little  server  went  wee-wee-wee  all  the 
way  back  to  the  factory  because  on  the  87lh  day, 

<  the  CEO  decided  he  didn't  like  little  blue  lights 
—  and  Gateway  didn't  ask  questions.  Not  a  one. 

'  So  what's  stopping  you  from  ordering  yours  today? 


Gateway  Server  Solutions 
are  100%  Satisfaction 

GUARANTEED. 


id  ih  thfe  li..$  only  and  afe  subject  to  change  without  notice  or  obligation,  May  not-  be  available  through  all  sales  channels.  1.  Service  methods  subject  to  change  without  notice  or 
turns?  cepted  ithifr  90  days  of  delivery  for  refund  of  original1  product  (server,  storage  or  networking  —  in  same  condition  as  purchased),  purchase  price  and  shipping  &  handling 
idit  final  fees,  sut  h  as  installation  services,  will  not.be  refunded.  Customer  is  responsible  for  removal  of  confidential  information  and  return  shipping  &  handling  fees.  Offer 
or  obligatronrcall  for  details.  ©2007  Gateway,  Inc.  Gateway  Terms  and  Conditions  Of  Sale  apply.  Trademarks  used  herein  are  trademarks^or  registered  trademarks  of 

Jhited  5t  3tes  and  other  Countries.  Intel’  K  a  registered  trademark  of  Intel  Corporation  in  the  U  S.  and  other  countries.  AMDis  a  registered  trademark  of  Advanced  Micro  Devices,  Inc. 

' 


IT  MAY  SOUND  LIKE  A  FAIRY  TALE,  BUT  IT’S  TRUE. 

At  Gateway,  we're  fun  to  work  with,  but  very 
serious  about  our  enterprise  solutions.  In  fact, 
we  offer  a  complete  suite  of  Intel®  and  AMD® 
processor-based  servers  that  feature  total  control 
management  capabilities,  RAID  options  and  24/7 
U.S.-based  telephone  tech  support]  If  you're  not 
completely  satisfied  with  your  new  Gateway  server, 
simply  return  it  within  90  days  of  receipt  for  a  full 
refund?  That  means  you  have  zero  risk.  What's 


866-590-6471 
www.gateway.com/servers6 
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Northwestern  eases  into  VoIP 


How  to  keep  a  VoIP  net  from  failing 


Northwestern  University's  VoIP  CS  2100  switches  from  Nortel  can  keep  the  campus  phones 
running  if  either  fails  or  if  connections  between  the  Chicago  and  Evanston,  III.,  campuses 
go  down. 


If  trunks  between  campuses  break,  each  switch  can  act 
independently  to  complete  calls  generated  locally.  Extension 
dialing  between  campuses  would  be  lost,  but  each  switch 
could  call  to  the  other  campus  using  the  public  phone  network. 


BY  TIM  GREENE 

Northwestern  University  is  getting  rid  of  its 
old  TDM  phone  switches,  not  in  response  to  a 
groundswell  of  demand  for  communications 
options  unique  to  its  new  VoIP  system, but  to  be 
ready  for  the  day  when  that  groundswell  hits. 

“In  some  sense  we  are  buying  potential, ’’says 
David  Carr,  director  of  telecommunications 
and  networking  for  Northwestern,  about  the 
move  to  Nortel  VoIP  switches. 

Most  of  the  university’s  18,000  phone  users 
on  two  campuses  say  they’d  be  happy  with 
phone  service  just  as  it  is,  according  to  a  poll 
by  Carr.  Others  are  ready  to  embrace  VoIP  but 
for  a  limited  set  of  features  that  can  help  them 
do  their  jobs  better  right  away 

The  new  capabilities  include  mobility  and 
presence  integrated  with  applications,  but 
Carr  says  users  weren’t  looking  for  a  specific 
application. 

As  part  of  the  VoIP  project,  which  started  in 
2003  with  a  review  of  ways  to  upgrade  two 
Nortel  SL  100  phone  switches,  the  university 
discovered  it  needed  to  upgrade  its  wiring 
closets,  stress-test  its  network,  address  QoS  and 
consider  network  admission  control. “They  all 
get  wrapped  together^’  Carr  says. 

The  two  carrier-grade  SL-100  phone  switches, 
one  at  the  university’s  Chicago  campus  and 
one  at  its  campus  in  Evanston,  111.,  were  about 
20  years  old. 

The  goal  was  to  collapse  the  two  separate 
switches  into  a  single  logical  switch  to  reduce 
management  complexity,  he  says.  The  school 
also  didn’t  want  to  replace  all  its  digital 
phones  at  once. 

It  decided  to  upgrade  to  the  Nortel  CS  2100 
VoIP  switch,  which  supports  both  VoIP  and 
TDM,  so  users  would  not  be  forced  to  switch 
their  handsets  for  VoIP  phones.  “Those  who 
wanted  to  take  advantage  of  the  VoIP  value 
proposition  could  do  so,  and  those  that  were 
happy  continuing  to  use  their  current  telepho¬ 
ny  features  and  services  could  do  so.  It  allowed 
the  community  to  migrate  at  its  own  pace,” 
Carr  says. 

The  university  has  installed  a  CS  100  at  the 
Chicago  campus  and  expects  to  have  one 
installed  at  the  Evanston  campus  next  month. 
Until  then  the  school  has  250  IP  phones  work¬ 
ing  on  a  trial  basis.“Beyond  that  we’re  waiting 
until  we  finish  these  upgrades,”  he  says. 

The  university  is  keeping  the  line  side  of  the 
TDM  switches  that  the  twisted-pair  wires  plug 
into. The  trunk  side  and  the  core  of  the  switch 
are  all  IP  and  include  an  interface  that  marries 
the  TDM  access  lines  to  the  VoIP  core. 

Carr  believes  the  university  can  run  the  VoIP 
network  more  efficiently  than  the  old  phone 
network  and  automate  more  to  cut  opera¬ 
tional  costs, but  the  savings  will  go  toward  ser¬ 
vices  not  provided  today  “I  don’t  think  the 
overall  communications  cost  is  going  to  de¬ 
crease,  because  I’m  going  to  take  that  plat¬ 
form  and  provide  a  whole  bunch  of  other  ser¬ 
vices,”  he  says. 

In  addition  to  new  services,  the  VoIP  network 


If  the  Chicago  switch  goes  down, 
the  one  in  Evanston  can  handle  all 
the  switching  for  both  campuses, 
including  PBX  extension  dialing. 


will  provide  more  resilience  because  the  two 
physical  switches  will  act  as  a  single  logical 
switch. 

The  university  installed  an  IP  phone  switch 
on  the  Chicago  campus,  provisioned  it  and  cut 
over  all  the  phones  to  it  about  10  months  ago. 

The  Evanston  switch  will  be  upgraded  so 
half  of  its  core  intelligence  is  in  Chicago. Then 
service  elements  from  the  Chicago  VoIP  switch 
will  be  cut  over  to  the  Evanston  switch,  and 
that  will  become  the  switch  for  both  campus¬ 
es.  This  is  being  done  in  several  incremental 
steps  that  reduce  the  likelihood  of  something 
going  wrong  and  causing  network  downtime 
during  the  transition  (see  diagram). 

Reliability  starts  in  closets 

Beyond  switch  survivability  Northwestern 
also  was  concerned  about  the  reliability  of  its 
wiring  closets  with  the  added  strain  of  Power 
over  Ethernet  switches  and  the  demand  for 
uptime  that  comes  with  VoIP 

The  IP  network  serves  more  than  200  build¬ 
ings  and  had  more  than  40  closets  that  were 
routing  sites  10  years  ago.  These  routing  cen¬ 
ters  have  been  collapsed  into  18  with  plans  to 
cut  that  number  to  12. 

Each  remaining  IP  routing  center  will  have 
redundant  power  and  cooling  systems. 
“Basically  they  look  like  mini  data  centers 
around  the  campus  that  can  provide  Level  3 
redundancy  for  the  router  infrastructure  and 
provide  that  never-go-away  always-available 
voice-over-IP  environment,”  Carr  says. 

Each  new  routing  center  has  a  large  DC 
plant,  generator  backup,  cooling  systems  and 
multiple  power  feeds  if  they  are  available. The 
Cisco  6509  routers  remain  the  same.“These  are 
long-term  investments  that  will  last  us  through 
multiple  revisions  of  electronics,”  Carr  says. 

There  may  even  be  some  cost  savings  by 
reducing  the  number  of  routers  in  the  net- 
work.“If  I  can  reduce  my  number  of  routers  by 
a  handful,  already  I’m  saving  dollars  every  five 
years  when  I  have  to  swap  those  boxes  out 
anywa>f  he  says. 


With  concerns  about  reliability  of  the  net¬ 
work  addressed,  the  university  considered 
voice  quality  and  bought  Brix  Networks  gear 
to  check  out  network  capacity  to  see  if  it 
would  handle  VoIP  with  appropriate  QoS. 

The  Brix  Verifiers  are  part  of  a  testing  mesh 
that  makes  phone  calls  all  day  to  try  to  find 
problems  with  the  infrastructure.  The  school 
plans  to  do  similar  stress  testing  for  other 
high-load,  important  traffic  before  it  comes 
on  the  network,  Carr  says.“I  expect  to  deploy 
some  set  of  inline  devices  that  are  looking  at 
all  the  traffic  and  making  sure  that  requests 
to  a  video  application  or  even  a  request  to 
our  student  enterprise  system  are  being 
served  at  the  service-level  that  we’ve  defined 
for  them,”  he  says. 

To  help  ensure  VoIP  quality  at  least  initially 
the  university  is  setting  up  a  separate  virtual 
LAN,  but  as  more  users  adopt  softphones  on 
their  laptops  and  PCs,  a  VoIP  VLAN  will 
become  harder  to  enforce.“Beople  are  going  to 
be  running  their  phones  on  their  computers, 
so  creating  all  these  separate  VLANs  is  not 
going  to  function  all  that  well,”  Carr  says. 

As  a  result,  the  university  plans  to  tag  VoIP 
packets  for  high  QoS  outside  the  VLAN.  “The 
construct  of  the  separate  VLAN  will  continue 
in  very  focused  areas,  making  it  easier  to 
secure  the  phones, secure  the  communication 
pathways  and  ensure  quality  of  service,”  Carr 
says.  “But  I  think  for  the  general  user  that 
opportunity  is  going  to  diminish  and  go  away 
in  three  to  five  years.” 

Carr  says  he’s  not  sure  what  mix  of  services 
the  university  will  ultimately  support  with  VoIP 
but  is  certain  that  the  role  of  telecom  has 
changed. 

“I’m  no  longer  the  phone  company’  he  says, 
“but  I’m  the  communication  interconnect  for 
the  campus.  That  means  if  your  preferred 
method  for  making  a  phone  call  is  from  your 
PDA  to  your  partner’s  Xbox,  the  infrastructure 
should  allow  that  to  happen.  It  should  allow 
you  to  communicate  in  any  way  that  you  want 
and  help  facilitate  that  communication.”  ■ 
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Linksys  Connected  Office  is  the  best  portfolio  of  industry-leading  products  and 
solutions  to  help  your  small  business  compete.  Start  or  expand  your  network 
with  affordable,  reliable  Business  Series  products  or  revolutionize  it  altogether 
with  Linksys  One,  the  integrated  data  and  voice  solution. 
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Security  Router  with  VPN 
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Wi-Fi  security  advice 

Gartner  says: 

Evaluate  cellular  data  plans  as  alternative  to  public  Wi-Fi  hotspot  access  in  hotels 
and  coffee  shops. 

Equip  wireless  laptops  with  a  personal  firewall  that  enforces  security  policies. 

■  Scan  and  update  laptops  with  revised  security  settings,  software  patches,  and 
updated  antivirus  and  antispyware  applications. 

• Consider  “connection  agent"  corporate  packages,  such  as  those  offered  by  iBahn, 
T-Mobile,  iPass,  Fiberlink  Communications  and  others:  a  small  agent  running  on 
the  laptop  with  advanced  security  protocols  for  two-way  authentication. 

Protect  access  to  corporate  network  by  remote  workers  using  personal  PCs  with 
on-demand  security  tools  over  SSL  VPNs. _ _ 

*  Authenticate  users  with  two  strong  factors.  Ideally,  one  factor  should  be  a  one¬ 
time  password. 

•  Use  VoIP  only  over  a  VPN. 


Wireless 

continued  from  page  1 

cost,  almost  a  necessary  cost  for 
1  In.” 

“lln  adds  an  incentive  to  go  to 
gigE  [in  the  wired  infrastructure] " 
says  Craig  Mathias,  principal  with 
Farpoint  Group. 

One  issue  related  to  upgrading  a 
cable  plant,  given  the  capacity  of 
lln, is  whether  to  upgrade  Ether¬ 
net  wall  jacks;  that’s  a  decision 
about  whether  the  wireless  infra¬ 
structure  becomes  the  principal 
means  of  network  access. 

If  existing  WLAN  controllers 
lack  the  network  capacity  and 
the  processing  power  and  mem¬ 
ory  needed  to  handle  increased 
traffic,  they’ll  have  to  be  re¬ 
placed,  especially  if  the  vendor 
has  a  purely  centralized  archi¬ 
tecture,  with  every  packet  run¬ 
ning  from  each  access  point  to 
the  controller.  Vendors  have 
been  upgrading  their  con- 

S02.11n  market  at 
a  glance 

Total  equipment  revenue:  More  than 
S150  million,  since  products 
introduced  in  second  quarter,  2006 

Top  three  suppliers:  Linksys, 

Netgear,  D-Link 

SOURCE;  DELL'ORO  GROUP 


trailers  over  the  past  year  with 
lln  in  mind,  sometimes  also 
offloading  packet-switching 
functions  to  the  access  points, 
creating  a  distributed  data 
plane. 

“With  this  kind  of  distributed 
data  plane,  there’s  no  bottleneck 
at  the  controller,”  Mathias  says.  “If 
you  have  Meru  [Networks]  or 
Extricom,  you  have  centralized 
data  and  control  planes.  But  if 
you  design  the  box  to  handle 
whatever  is  thrown  at  it,  it’s  not  a 
problem." 

Benchmarking  wireless  per¬ 
formance  to  verify  such  things  as 
workloads  and  traffic  conditions 
is  likely  to  become  much  more 
important  for  1 1  n  networks.To  do 
this,  enterprises  or  systems  inte¬ 
grators  will  use  complex  perform¬ 
ance-testing  tools,  such  as  those 
from  VeriWave  and  Azimuth 
Systems,  which  previously  had 
been  used  mainly  by  radio  chip 
makers  and  equipment  manufac¬ 
turers.  “Thus  will  be  a  big  thing 


down  the  road,”  Mathias  predicts. 

The  PoE  issue  may  catch  some 
users  by  surprise.  “The  PoE  infra¬ 
structure  may  have  its  upper  limits 
tested  by  lln  deployments  [that 
are]  used  to  their  maximum  capa¬ 
bilities,”  says  Chris  Silva,  an  analyst 
at  Forrester  Research. 

PoE  lets  you  run  one  cable  be¬ 
tween  switch  and  access  point 
instead  of  two  —  potentially  a 
big  savings.  But  lln  access 
points  draw  more  electricity 
than  the  15.4  watts  maximum 
provided  by  power  injectors 
based  on  the  IEEE  802.3af  stan¬ 
dard. That  maximum  will  at  least 
double  with  a  new  standard, 
802. 3at,  being  finalized.  At  least 
one  vendor,  Trapeze  Networks, 
has  created  new  code  that  lets 
its  just-announced  lln  access 
point  use  existing  PoE  injectors, 
but  there  are  tradeoffs  in  terms 
of  performance. 

“The  promise  of  lln  is  more 
than  simply  going  faster]’ says  Phil 
Belanger,  managing  director  for 
Novarum.The  increased  range  of 
1  In  will  make  it  more  practical  to 
deploy  large  systems  using  the 
5GHz  band,  which  has  many 
more  channels  than  the  2.4GHz 
and  has  not  been  used  very  much 
to  date.  That,  in  turn,  will  enable 
much  higher  capacity  WLANs.  For 
many  enterprises,  a  wireless  net¬ 
work  that  delivers  hundreds  of 
megabits  of  capacity  everywhere 
will  be  good  enough  to  be  the 
only  network.” 

What’s  the  biggest  looming 
wireless  or  mobile  security 
threat? 

We’ve  identified  three,  but  we’ll 
save  one  of  them  (denial  of  ser¬ 
vice)  for  Part  2  of  this  story  in 
next  week’s  issue. 

The  two  other  threats  are  em¬ 
blematic  of  two  very  different 
human  dynamics.The  first  springs 
from  the  increasing  cunning  of 
attackers,  the  second  from  the 
continuing  ignorance  of  users 
and  even  IT  professionals  about 
the  nature  of  wireless  threats. 

In  2006,  researchers  identified 
problems  with  wireless-interface 
device  drivers  that  could  be  ex¬ 
ploited  in  various  ways  by 
attackers.  Drivers  function  at  the 
level  of  the  operating  system  ker¬ 
nel,  where  malicious  code  po¬ 
tentially  has  access  to  all  parts 
of  the  system. 

Typically  these  driver  vulnerabil¬ 
ities  involve  manipulating  the 
lengths  of  specific  pieces  of  infor¬ 
mation  contained  in  the  wireless 


management  frames,  causing  a 
buffer  overflow  where  a  malicious 
payload  can  be  executed,  says 
Andrew  Lockhart,  security  analyst 
with  Network  Chemistry 

‘A  driver  will  process  these  data 
elements  whether  or  not  [the 
adapter  is]  associated  with  an 
access  point.  So  the  combination 
of  simply  having  a  powered-on 
wireless  card  with  a  vulnerable 
driver  can  leave  a  user  open  to 
attack,”  he  says. 

The  obvious  solution  is  to  re¬ 
place  the  vulnerable  drivers,  but 
that  is  an  ad  hoc  process.  “In  the 
Windows  world,  most  wireless  dri¬ 
vers  are  part  of  a  third-party  soft¬ 
ware  package,  so  they  don’t  get 
updated  with  a  Windows  update, 
which  makes  it  troublesome  to 
eliminate  the  problem,  and  it  will 
likely  be  a  problem  for  a  while,” 
Lockhart  says. 

Attackers  are  becoming  smarter 
about  what  and  how  they  attack, 
increasingly  using  evasion  tactics 
to  sidestep  or  confuse  wireless  in¬ 
trusion  detection/prevention 
(IDS/IPS)  applications.  The  long¬ 
term  solution  is  smarter  IDS/IPS 
systems  that  monitor  and  analyze 
wireless  traffic  and  behaviors 
more  comprehensively. 

But  researchers,  such  as  those 
at  Dartmouth  College’s  Project 
MAP  (measure,  analyze  and  pro¬ 
tect),  are  in  the  early  stages  of 
such  work. 

The  second  wireless  threat  is 
related  to  the  fact  that  many 
mobile  users  seem  not  to  be  get¬ 
ting  smarter  about  wireless  secur¬ 
ity  “The  biggest  threat  is  people 
who  use  open  Wi-Fi  access  points 
and  don’t  use  encryption  or 
VPNs,” says  David  Kotz,  Dartmouth 
professor  of  computer  science 
and  one  of  the  lead  Project  MAP 


researchers.  “They  trust  some  ran¬ 
dom  hotspot  operator  or  open 
access  point  somewhere  with 
their  personal  or  professional 
data.  People  are  careless.” 

That’s  putting  it  diplomatically 

Security  consultant  Winn 
Schwartau  likes  to  tell  how  his 
then-1 2-year-old  son  used  a 
Windows-based  Palm  Treo  to 
eavesdrop  wirelessly  on  business 
executives  using  laptops  or  PDAs 
on  an  airport  or  other  public  Wi¬ 
Fi  network. 

He  routinely  collected  user¬ 
name-password  combinations  for 
corporate  networks.  “My  son  had 
passwords  to  40  of  the  Fortune 
100  [networks]  ”  he  says. 

The  key  vulnerability  was  that 
these  users  —  even  if  they  used 
an  encrypted  VPN  tunnel  to  ac¬ 
cess  the  corporate  network  —  re¬ 
peatedly  used  an  unencrypted 
wireless  link  to  access  Internet 
mail  or  other  Web  sites  in  the 
clear.  That  enabled  the  younger 
Schwartau  to  collect  information 
to  access  the  user’s  Web  mail 
account.  He  then  sent  the  user  an 
e-mail  from  his  own  account:  “I 
can  then  infect  that  machine 
[with  malicious  code] ,  and  have 
access  to  your  VPN  account,” 
Schwartau  wrote. 

The  inverse  of  this  problem  is 


letting  personal  mobile  devices 
that  have  been  exposed  to  the 
Internet  in  the  wild  connect  to 
corporate  networks. 

“Normal  security  standards  and 
procedures  are  often  ignored 
when  users  are  allowed  to  con¬ 
nect  their  own  devices,”  says  Lora 
Mellies,  information  security  offi¬ 
cer  at  Hartsfield-Jackson  Atlanta 
International  Airport. 

“For  instance,  there  may  be  no 
scheme  to  regularly  back  up  the 
information,  no  firewall  or  anti¬ 
virus  protection  installed,  and  no 
use  of  encryption  for  confidential¬ 
ity  or  [of]  tokens  or  certificates  for 
strong  authentication,”  she  says. 

“No  one  can  define  the  perime¬ 
ter  [of  the  corporate  network] 
anymore,”  Schwartau  says.  “The 
rule  is:  ‘Thou  shalt  connect  no¬ 
where  except  to  the  corporate 
network;  once  you’re  there,  you 
can  do  whatever  you  want,  but 
we’ll  be  watching  you.’” 

This  threat  will  only  get  worse  as 
the  number  of  ill-trained  mobile 
users  grows,  along  with  the  bal¬ 
looning  amount  of  sensitive  or 
proprietary  corporate  data  on 
their  mobile  devices. 

Is  wireless  [Wi-Fi-based]  VoIP 
worth  the  bother? 

Judging  from  the  market, 
where  enterprises  vote  with 
their  dollars,  the  answer  is 
generally  “no,”  at  least  for  large- 
scale  deployments. 

There  are  exceptions,  though 
rare,  and  they  tend  to  prove  the 
rule. One  of  the  most  often  cited  is 
Osaka  Gas  in  Japan.  The  utility 
used  Meru’s  WLAN  infrastructure 
to  support  6,000  mobile  phones 
that  were  equipped  with  cellular 
and  Wi-Fi  network  interfaces.  The 
price  tag  for  the  whole  project: 
$10  million. 

The  reluctance  to  embrace 
large-scale  wireless  VoIP  isn’t  sur¬ 
prising.  Enterprisewide  wireline- 
VoIP  deployments  have  found 
traction  only  fairly  recently,  and 
many  of  these  have  been  angst- 
See  Wireless,  page  12 


VoIP  over  Wi-Fi  market  projections  (North 


America) 

2007 

2012 

VoIP  access  points  for  enterprises 

S442  million 

$1.75  billion 

VoIP  wireless  LAN  switch  and  mobility  controllers 

S500  million 

S2.7  billion 

VoIP  over  Wi-Fi  handsets  (Wi-Fi  only) 

S93  million 

S600  million 

SOURCE:JUNIPER  RESEARCH 
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Wireless 

continued  from  page  10 

ridden. To  be  fair,  often  the  angst  is  created 
by  specific  issues  or  problems  at  a  given 
enterprise  site. 

Using  a  wireless  connection  in  place  of 
a  wired  one  adds  lots  of  complexities, 
however,  solutions  to  which  are  only 


slowly  maturing.  Access  points  have  to 
be  distributed  pervasively  to  support 
voice  traffic,  while  radio  interference 
easily  affects  voice  quality  or  call  ses¬ 
sions.  Wireless  eavesdropping  on  unse¬ 
cured  VoIP  sessions  is  another  worry  for 
enterprise  managers. 

It’s  also  difficult  to  pinpoint  savings, 
Forrester’s  Silva  says.  “Wireless  VoIP  has 


been  positioned  as  a  way  to  replace  cel¬ 
lular  minutes  of  use,”  he  says.“But  corpo¬ 
rate  IT  doesn’t  have  a  good  handle  on 
what  they’re  actually  spending  on  this: 
It’s  often  just  expensed.  So  it’s  hard  to 
make  a  case  for  savings  and  hard  there¬ 
fore  to  make  a  case  for  investing  in  VoIP 
over  WLAN.” 

Over  the  course  of  three  months  we  tested 
WLAN  switches  and  access  points  from 
Aruba  Networks,  Chantry  Networks  (now 
Siemens),  Cisco  and  Colubris  Networks 
for  audio-quality  QoS  enforcement,  roam¬ 
ing  capabilities  and  system  features. 
Among  our  findings: 

•  With  QoS  enforcement  turned  on  and 
with  only  voice  traffic  on  the  network,  calls 
nearly  matched  toll-quality  audio. 

•  With  even  a  small  amount  of  data  traffic, 
dropped  calls  became  common  and  audio 
quality  was  poor,  even  with  QoS  enabled. 

•  Roaming  from  one  access  point  to 
another  either  failed  or  took  so  long  (0.5 
seconds  to  10  seconds)  that  calls  dropped. 

Those  findings  reflect  some  of  the  expe¬ 
riences  at  Dartmouth,  which  embraced  a 
limited  VoIP  deployment  on  its  pervasive, 
Aruba-based,  campus  WLAN  four  years 
ago.  Initially  some  college  staff  used  the 
wearable,  mobile  VoIP  phone  fromVocera 
Communications.  There  were  some  prob¬ 
lems  with  roaming,  according  to  David 
Bucciero,  Dartmouth  director  of  techni¬ 
cal  services,  who  despite  these  teething 
pains,  is  one  who  says  wireless  VoIP  is 
worth  the  hassle. 

More  recently,  the  college  has  added 
just  under  100  Cisco  7920  wireless-VoIP 
handsets  which  “were  flawless,”  though 
latency  was  an  issue  early  in  the  deploy¬ 
ment,  Bucciero  says.  Reducing  those 
delays  has  been  an  ongoing  tuning 
process,  Dartmouth  working  closely  with 
Aruba  and  Cisco,  the  college’s  wireline- 


network  vendor. 

Things  have  changed  in  two  years,  in¬ 
cluding  the  advent  of  the  802.1  le  QoS 
standard,  augmented  by  continued  pro¬ 
prietary  QoS  tweaks,  and  faster  handoffs 
between  access  points. 

The  real  change,  however,  has  been  the 
growing  interest  in,  and  number  of  prod¬ 
ucts  for,  shifting  call  sessions  automati¬ 
cally  between  cellular  and  Wi-Fi  nets.  At 
the  enterprise  level,  this  convergence  en¬ 
tails  an  IP  PBX,  usually  a  Session  Initiation 
Protocol  (SIP)  server;  the  WLAN  infra¬ 
structure;  new,  specialized  servers  from 
start-ups  such  as  DiVitas  Networks  and 
established  players  such  as  Siemens;  and 
accompanying  client  code  running  on 
dual-mode  handsets,  which  have  a  cellu¬ 
lar  and  a  Wi-Fi  radio. 

Dartmouth  is  doing  exactly  this,  run¬ 
ning  a  pilot  test  with  the  Nokia  E6 1  i,  a 
dual-mode  mobile  phone  recently  intro¬ 
duced  in  the  United  States  as  part  of  its 
convergence  partnership  with  Cisco. The 
handsets  use  SIP  to  talk  to  the  Cisco 
CallManager  IP  PBX. 

“Cellular  and  Wi-Fi  convergence  is  the 
real  pull  for  VoIP  over  WLANs,”  Farpoint’s 
Mathias  says.  “Once  that  [convergence] 
happens,  then  we  can  converge  dialing 
directories,  voice  mail,  other  services,  and 
have  one  phone  that  works  everywhere.”  ■ 


|  Next  week  we  answer 
these  questions: 

*Will  my  organization  need  to  change  to 
support  enterprise  mobility? 

*How  do  I  control  costs  in  an  expanding 
mobile  and  wireless  environment? 

*  What  can  I  do  about  wireless  denial-of- 
service  attacks  and  interference? 


Qualcomm  to  seek  Bush  veto 


BY  JOHN  COX 

Almost  as  soon  as  the  unfavorable  ruling 
by  the  U.S.  International  Trade  Commission 
had  been  posted,  Qualcomm  declared  it 
would  seek  a  stay  in  the  federal  courts  and 
a  veto  from  the  White  House. 

The  ITC  ruling  last  Thursday  banned  the 
importation  of  certain  Qualcomm  3G 
chips, chipsets  and  circuit  boards, as  well  as 
some  wireless  handsets  that  use  them. The 
commission  had  ruled  previously  that 
Qualcomm  was  infringing  a  U.S.  patent 
held  by  rival  chip  maker  Broadcom. Three 
of  the  commissioners  voted  in  favor  of  the 
order,  and  the  remaining  two  voted  “for  a 
more  limited  form  of  relief,”  according  to 
the  ITC  statement. 

The  ITC  action  is  the  latest  legal  set¬ 
back  for  Qualcomm,  which  has  a  reputa¬ 
tion  for  jealously  protecting  its  intellec¬ 
tual  property  and  driving  tough  licensing 


deals  for  its  chip  technology,  the  basis  for 
many  of  the  Code  Division  Multiple 
Access  and  Wireless  CDMA  cellular  net¬ 
works  worldwide. 

Qualcomm  issued  a  statement  saying  it 
was  “extremely  disappointed”  with  the  ITC 
ruling,  which  “does  not  protect  the  public 
interest  or  public  safety’  All  the  commis¬ 
sioners  acknowledged  that  the  decision  to 
ban  importation  of  the  Evolution  Data 
Optimized  and  WCDMA  handsets  “could 
adversely  affect  the  public  interest,  particu¬ 
larly  the  public  health  and  welfare.”  The 
majority  concluded  that  exempting  prod¬ 
ucts  already  imported  “sufficiently  amelio¬ 
rates  that  impact.” 

Qualcomm  is  asking  the  Federal  Circuit 
Court  of  Appeals  to  delay  enforcing  the 
ITC  decision  while  it  seeks  a  White  House 
veto.  The  president’s  decision  must  come 
within  60  days  of  the  ruling.  ■ 
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10  free  virtualization  tools  worth  a  look 


Microsoft,  VMware  joins  open  source  community  to  offer  technology  test  drive 


BY  DENI  CONNOR 

More  IT  shops  are  validating  the  benefits 
of  desktop  and  server  virtualization,  from 
energy  efficiency  to  better  resource  uti¬ 
lization.  But  if  you’re  still  leery  of  forking 
over  big  dollars  for  the  technology  there 
are  some  low-cost  and  no-cost  ways  to 
give  virtualization  a  try 

Virtualization  freebies  are  available 
from  the  open  source  community  and 
from  vendors  such  as  Microsoft  and 
VMware.  Here’s  a  sampling: 

Microsoft  Virtual  Server  2005  R2 

A  virtualization  environment  for 
Windows  Server  2003,  Server  2003  Service 
Pack  1,  XP  Professional  Edition  and  XP 
Service  Pack  2.  It  works  on  x86  servers  or 
workstations  and  is  available  in  32-  or  64- 
bit  versions. 

OpenVZ 

Linux-based  software  that  lets  the  IT 
administrator  create  secure  virtual  envi¬ 
ronments.  Each  virtual  private  server  can 
be  rebooted  independently,  co-existing 
with  other  virtual  private  servers. 

The  open  source  project  is  supported  by 
SWsoft,  which  markets  a  commercial  ver¬ 
sion  called  Virtuozzo. 

Q 

Open  source  software  for  running 
Windows  or  Linux  on  a  Macintosh.  It  lets 
users  switch  between  guest  PCs  and 
restart  guest  PCs  at  any  point.  Q  also 
enables  users  to  exchange  files  between 
the  host  operating  system  and  the  guest. 

Q  is  based  on  the  QEMU  open  source 
CPU  emulator.  You  need  to  be  careful 
about  using  Q  —  according  to  the  Web 
site.it  is  still  alpha  software. 

QEMU 

A  generic  and  open  source  machine 
emulator  and  virtualization  software 
developed  by  Fabrice  Bellard,  the  author 
of  a  compact  C  compiler.  QEMU  can  run 
operating  systems  and  programs  devel¬ 
oped  for  one  machine  on  a  different 
machine. 


nww.com 

Virtualization  event 

Clustered  servers.  Grid  computing.  Virtualized  stor¬ 
age.  Perimeter-less,  holistic  security.  Service-ori¬ 
ented  management  platforms.  It's  the  landscape  of 
the  New  Data  Center.  Explore  it  all.  Join  us  at  IT 
Roadmap:  Santa  Clara  on  June  26.  Qualify  at: 

www.nwdocfinder.coin/8123 


When  used  as  virtualization  software,  the 
host  and  guest  machine  must  use  x86- 
compatible  processors.  In  emulation 
mode,  it  supports  x86  PFCs,  MIPS  R4000, 
Sun  SPARC  and  PowerPC  processors. 

Technical  Architecture  Solutions  TC0 
Calculator 

Technical  Architecture  Solutions,  a  dis¬ 
aster  recovery  and  business  continuity 
consultancy,  is  offering  a  TCO  Calculator 
for  server  virtualization.  It  is  Web-based 
and  allows  IT  administrators  to  estimate 
how  much  money  they  will  save  by  using 
VMware  ESX.The  calculator  consists  of  a 
Microsoft  Excel  spreadsheet  and  is 
based  on  four  virtual  machines  per  virtu¬ 
al  server. 

VMware  Server,  Player  and  Converter 

VMware  Server  is  VMware’s  starter  kit  for 
Windows  and  Linux  server  virtualization. 

It  can  host  Windows,  Linux,  NetWare  and 
Solaris  as  guest  operating  systems. 

VMware  Player  lets  IT  administrators  run 
virtual  machine  instances  created  by 
other  VMware  products.  With  it,  you  can 
download  prebuilt  virtual  machines  from 
the  VMware  Technology  Network  or  share 
them  with  other  organizations. 

Virtual  Iron  Single  Server  Virtualization 
and  Management 

Virtual  Iron’s  Single  Server  Virtualization 
and  Management  software  creates  Linux 
or  Windows  virtual  servers.  It  runs  in  32- 
and  64-bit  workloads  that  are  stored  on 
iSCSI,  storage-area  networks  or  local  stor¬ 
age.  Virtualized  nodes  created  with  Virtual 
Iron’s  Single  Server  software  must  have 
Intel  Virtualization  Technology  or  AMD 
Virtualization  hardware  assist. 

Virtual  Iron  and  Provision  Networks 
Virtual  Desktop  Infrastructure 

An  alternative  to  terminal  services  envi¬ 
ronments  and  fat-client  desktop  imple¬ 
mentations.  It  lets  an  IT  administrator  host 
five  individual  Windows  desktop  PCs 
inside  virtual  machines  running  on 
servers  in  the  data  center. 

Xen 

This  open  source  package  for  x86  server 
virtualization  was  developed  by  the 
University  of  Cambridge  and  commercial¬ 
ized  by  XenSource.  Xen,  which  runs  on 
Linux,  supports  Windows  and  Linux  as 
guest  operating  systems. 

XenSource  XenExpress 

XenExpress,  from  XenSource,  is  a  free  vir¬ 
tualization  package  for  x86  servers  that 
lets  IT  administrators  host  as  many  as  four 
virtual  machines  on  servers  equipped 


with  4GB  of  physical  RAM  or  two  physical 
sockets. 

It  supports  Windows  Server  2003,  XP  and 
2000  as  guest  operating  systems.  It  also 


supports  Red  Hat,SUSE  and  Debian  Linux 
guest  operating  systems. 

XenExpress  is  based  on  the  open  source 
Xen  hypervisor.  ■ 
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Vista 

continued  from  page  1 

predecessor,  IPv4.  IPv6  also  has 
autoconfiguration  and  end-to-end 
security 

Vista  supports  IPv6  by  default.  It 
runs  a  single-stack,  dual-IP-layer 
architecture,  which  means  it  is 
IPv4-  and  IPv6-capable  out  of  the 
box.  It  supports  tunneling  of  IPv6 
traffic  over  an  IPv4  backbone  and 
includes  IPSec  that  works  for  both 
IPv4  and  IPv6. 

Management  software  vendors 
and  users  are  reporting  problems 
with  Vistas  IPv6  support. 

“Vista  is  showing  some  serious 
deficiencies  around  IPv6  and  IPv4 
insofar  as  their  compliance  or  the 
transparency  of  their  compliance 
around  IP  behaviors,”  says  Loki 
Jorgenson,  chief  scientist  for 
Apparent  Networks,  a  network 
assessment  tools  vendor. 

“For  example,  Vista  doesn’t 
expose  any  of  the  ICMP  errors  to 
applications  running  on  Vista,” 
Jorgenson  says.  “The  application 
can’t  get  access  to  that  message, 
and  subsequently  all  it  sees  is  that 
the  network  connection  is  not 
working.This  is  a  big  challenge  for 
us  around  Vista.  It’s  not  clear  at  all 
why  IPv6  isn’t  properly  supported 
in  this  regard.” 

Duane  Murphy,  president  of 
Managed  Information  Services  in 
Long  Beach,  Calif.,  says  he  has 
experienced  problems  with  Vista’s 
IPv6  implementation  on  the  net¬ 
works  he  runs  for  law  firms. 
Murphy  used  Network  Instru¬ 
ments’  Observer  12  application, 
which  supports  IPv6,  to  isolate 
Vista’s  IPv6  problems. 

“We  are  seeing  a  number  of 
applications  that  are  IP-based  that 
do  not  like  the  addressing  scheme 
of  IPv6,”  he  says.  “We  will  send  a 
print  job  to  an  IP-based  printer, 
and  the  print  job  becomes  cor¬ 
rupted.  We’re  seeing  this  with 
Windows  Vista  machines.  When 
IPv6  is  installed,  this  happens 
without  fail. As  soon  as  we  remove 
IPv6,  all  of  our  printer  functions 
return  to  normal.” 

Murphy  says  the  problem  has 
cropped  up  on  45  Dell  Latitudes 
and  Dimensions  running  Vista 
Business  or  Ultimate. 

“We’re  also  seeing  loss  of  net¬ 
work  connections  on  IP  when  you 
have  both  IPv6  and  IPv4  loaded 
on  the  same  machine  with  an 
IPv4-based  network"  Murphy  says. 
“As  soon  as  we  remove  IPv6,  we 
suddenly  have  connectivity  to  the 
rest  of  the  local  workstations." 

Murphy  says  he  believes  the 


problems  stem  from  Vista’s  IPv6 
implementation. 

“We  are  connecting  Observer  to 
the  monitoring  port  of  a  Cisco  or 
HP  switch,  which  allows  us  to 
monitor  all  the  traffic  across  the 
network,”  he  says.  “We  figure  out 
the  name  of  each  workstation, 
then  we  do  a  protocol  analysis  to 
figure  out  what  protocols  are  run¬ 


ning  across  the  network.  Once  we 
do  the  protocol  analysis,  we  can 
drill  down  on  IPv6  and  figure  out 
what’s  wrong.” 

Murphy  says  he  is  recommend¬ 
ing  that  his  clients  remove  IPv6 
from  their  Vista  workstations. 

Microsoft  says  it  is  difficult  to 
comment  on  the  problems 
Murphy  has  faced  with  Vista’s  IPv6 


implementation  but  the  company 
has  taken  steps  to  address  these 
types  of  compatibility  issues. 

“We  recognize  that  not  all  appli¬ 
cations  and  drivers  were  up  to 
date  by  launch  and  that  there 
have  been  some  compatibility 
issues  as  a  result,”  says  Ian 
Hameroff,  senior  product  manag¬ 
er  with  Windows  Server  Network¬ 


ing.  “But  we  also  know  that 
Windows  Vista  is  the  highest-qual- 
ity,  most  secure  and  most  broadly 
supported  operating  system  we’ve 
ever  released.” 

Hameroff  adds  that  Microsoft  is 
running  an  IPv6  network  and  “to 
my  knowledge  has  not  experi¬ 
enced  these  types  of  issues”  that 
Murphy  describes.* 


Line  up  network  problems. 


You've  got  an  eyewitness. 

Is  it  a  network,  application,  or  security  problem?  Find  out  instantly  with  the 
Network  Instruments®  GigaStor™  appliance.  No  other  analysis  device  can 
quickly  isolate  the  issue  to  provide  valuable  retrospective  analysis  and 
security  forensics.  Every  transaction  is  recorded,  making  it  easy  to  go  back  in 
time  to  determine  not  only  when  the  anomaly  took  place,  but  why. 

Resolve  intermittent  problems,  track  compliance,  isolate  VoIP  quality 
issues,  identify  zero-day  attacks  and  more  on  WAN,  Gigabit  and  10  GbE 
networks.  Reduce  network  complexity  with  the  GigaStor.  Because  when  it 
comes  to  your  network,  everything  is  a  suspect. 
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GigaStor:  Get  proof.  Take  action.  Move  forward. 


NETWORK 

INSTRUMENTS 


Learn  more  about  GigaStor.  800-526-5958 
www.Networklnstruments.com/eyewitness 


©  2007  Network  Instruments,  LLC.  All  rights  reserved.  GigaStor,  Network  Instruments,  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 
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AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 


Net  TAPS  without  the  overhead 


Test  access  points  take  out  the  risk 

Inline  devices  can  be  attached  to  the  network  without  fear  of  introducing  a 
point  of  failure.  yAp 


BY  ALASTAIR  HARTRUP 

Network  test  access  ports  were  developed 
as  portable  diagnostic  tools  to  gain  tempo¬ 
rary,  out-of-band,  nonintrusive  access  to  traf¬ 
fic  between  two  network  devices. 

Today,  TAPs  are  available  for  permanent 
deployment  in  the  data  center,  helping 
enterprises  manage  complex  infrastruc¬ 
tures.  Leveraging  a  permanent  out-of-band 
network  access  platform  (permanent TAP), 
users  are  able  to  maintain  24/7  network  vis¬ 
ibility  and  real-time  management  benefits 
without  affecting  network  performance. 

Where  SPAN  (mirrored  switch  ports)  and 
other  network  deployment  methods  once 
held  their  own,  the  increasing  data  load 
placed  on  these  tools  is  severely  affecting 
enterprise  infrastructure  management. 

Permanent  TAP  solutions  avoid  band¬ 
width  pitfalls  by  establishing  an  out-of-band 
platform  to  deploy  any  critical  network 
device.  With  a  physical  TAP  integrated  in  a 
desired  segment,  the  out-of-band  device 
has  uninterrupted,  hardware-level  visibility 
into  the  tapped  network  traffic  without  hav¬ 
ing  to  compete  for  access  and,  most  impor¬ 
tantly,  without  affecting  network  flow. 

The  detailed  visibility  that  permanent 
TAPs  provide  is  ideal  for  enterprise  moni- 


Got  great  ideas? 


■  Network  World  is  looking  for  great  ideas 
for  future  Tech  Updates.  If  you've  got  one, 
and  want  to  contribute  it  to  a  future  issue, 
contact  Editor  in  Chief  John  Dix 
(jdix@nww.com). 


toring  and  management,  giving  TAP- 
attached  devices  the  ability  to  identify 
errors  and  events  —  including  link-layer 
events  —  within  the  network. 

Conventional  deployment  methods  are 
complicated  by  the  fact  that  network  tools, 
such  as  intrusion-prevention  systems, 
require  in-band  deployment  to  actively  sort 
through  real-time  traffic.  If  not  properly 
integrated,  inline  devices  can  create  points 
of  failure. 

To  address  these  concerns,  permanent 
TAPs  can  be  used  to  move  live  traffic 
through  out-of-band  deployed  devices 
without  introducing  points  of  failure;  this  is 
commonly  referred  to  as  virtual  inline 
installation.  When  implemented,  a  virtual 
inline  TAP  safely  feeds  live  traffic  through 
the  out-of-band  device  and  back  onto  the 
network  segment,  providing  the  benefits  of 
in-band  deployment  without  the  risk  of 
point  failure. 

While  vendors  use  various  methods  to 
accomplish  this,  the  key  to  achieving  virtu¬ 
al  inline  installation  is  through  a  bypass- 
able  fail-safe  connection  capable  of  keep¬ 
ing  the  original  network  path  available  in 
the  event  of  power  loss  or  network  device 
failure. 

A  permanent  TAP  solution  can  achieve 
this,  for  example,  by  constantly  checking 
the  health/availability  of  the  deployed 
device  by  passing  “heartbeaf-monitoring 
packets  through  its  out-of-band  network 
path.  Inserted  into  one  end  of  the  path,  if 
the  heartbeat  isn’t  detected  on  the  other 
end,  the  out-of-band  network  connection  is 
immediately  bypassed  and  traffic  will  flow 
along  its  original  path  as  if  the  TAP  were 


never  there.  This  fail-safe  capability  helps 
ensure  that  the  network  device  is  always 
functioning  properly  and  removes  the 
threat  of  inline  point  failure. 

Using  virtual  inline  installation,  devices 
can  also  be  manually  bypassed  for  real¬ 
time  change  control.  This  is  especially 
valuable  when  security  patches  are  need¬ 
ed  for  a  device  that  cannot  wait  for  the 
next  scheduled  maintenance  period. 
Using  the  TAP-bypass  method,  the  out-of- 
band  device  is  brought  offline  for  change 
and  then  brought  back  online  once  it’s 
ready  to  use  again. 

The  features  and  options  developed  for 
permanent  TAPs  continue  to  mirror  the 
needs  of  evolving  enterprise-class  sys¬ 
tems.  Permanent  TAPs  are  designed  to  fit 
into  1U  and  2U  data  center  rack  spaces, 
and  come  readily  available  with  AC  or 


DC  power  supplies. 

With  features  like  many-to-manyTAP-con- 
nection  systems,  traffic  stream  aggregation, 
two-way  traffic  visibility  multiple  port  moni¬ 
toring,  fiber-to-copper  and  copper-to-fiber 
connections, TAPs  are  clearly  positioned  to 
provide  users  with  improved  ways  to  inte¬ 
grate  network  devices,  and  monitor  and 
manage  critical  infrastructure. 

As  enterprise  systems  continue  to  ex¬ 
pand,  the  ability  to  carry  out  network  man¬ 
agement  from  a  24/7  out-of-band  access 
platform  may  provide  the  missing  link 
needed  to  resolve  today’s  growing  enter¬ 
prise  challenges. 

Hartrup  is  founder  and  CEO  of  Network 
Critical.  He  can  be  reached  at 
alastair.hartrup@networkcritical.com.  - 
www.  criticalTAPcom 


Ask  Dn  Internet  By  Steve  Blass 


I  have  two  questions  about  using  Dreamweaver 
and  Flash  to  publish  video  on  Web  pages.  The 
first  is  how  can  I  connect  Dreamweaver  to  a 
site  using  a  nonstandard  SFTP  port?  The  second 
is  how  do  5  convert  a  Windows  movie  file  to  a 
Flash  video  and  put  it  in  a  Web  page? 

To  connect  to  an  SFTP  server  on  a  nonstandard  port 
in  Dreamweaver  you  place  the  port  number  in  the  FTP 
Host  text  box  after  the  host  name  so  that  instead  of 
just  having  “MyFTPHost"  in  the  host  field  you  have 


“MyFTPHost  portnum"  with  a  space  between  the  host 
name  and  the  port  number. 

To  create  Flash  video  for  publication,  start  by  open¬ 
ing  Flash  and  creating  a  new  Flash  document.  Now 
choose  the  File  menu,  select  the  !mport->lmport  Video 
option  and  navigate  to  your  source  video  file  using  the 
Browse  button  in  the  Import  Video  dialog.  Click  Next 
and  choose  your  deployment  method  in  the  next  dialog. 
Progressive  download  is  probably  your  best  choice. 
Click  Next  and  choose  the  encoding  method  for  the 
video;  accepting  the  defaults  is  a  safe  choice.  Click 


Next  and  choose  the  "skin"  for  your  video  presentation 
from  the  list  in  the  dialog.  Now  click  Next  and  your 
video  will  be  encoded.  You  then  can  use  the 
Modify/Document  menu  item  to  resize  your  Flash 
stage  to  match  your  video.  Now  select  Publish  from 
the  File  menu  to  publish  your  swf,  flv,  f la  and  html  files 
to  a  local  directory.  Now  you  are  ready  to  publish  the 
files  to  your  Web  site  using  Dreamweaver. 

Blass  is  an  IT  manager  in  Phoenix.  He  can  be  reached 
at  drinternet@jshnee.com. 
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Virtual  burn  and  rip 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


OK,  I’m  back  to  my  theme  of  CD 
and  DVD  creation  and  management 
tools  that  I  delayed  for  a  week  while  I 
discussed  some  cool  new  hardware. 

But  first,  a  couple  of  corrections: 
Last  week  I  wrote  that  the  Saitek 
Obsidian  Wireless  mouse  cradle 
charges  the  mouse.  Not  true  —  the 
mouse  is  powered  only  by  the  re¬ 
chargeable  batteries  that  come  with 
it.  1  also  failed  to  mention  that  the 
mouse  has  a  total  of  five  buttons  — 
the  two  regular  left  and  right  buttons 
1  mentioned, as  well  as  one  on  the  right  that  can  be  used  by 
some  applications  and  two  on  the  left  that  work  with 
Internet  Explorer  to  go  forward  and  backward. 

Now  that  I’m  in  my  second  week  of  using  the  Saitek 
Obsidian  I  am  a  little  more  reserved  in  my  enthusiasm.lt  is 
still  one  sleek  mouse,  but  its  touch-sensitive  scroll  feature  is 
too  sensitive.  This  means  that  often  when  you  don’t  want 
scroll-lock  to  lock.it  does.  Another  issue  is  that  I  often  press 
the  two  left-side  buttons  accidentally  and  a  lot  of  swearing 
is  the  result.  But  these  issues  may  disappear  when  I  get 
more  accustomed  to  it. 

Anyway  back  to  CD  and  DVD  stuff:  I’d  wondered  for  some 
time  whether  there  was  a  product  that  could  create  a  vir¬ 
tual  CD  burner  so  I  could  burn  virtual  CDs  from  iTunes. 

My  thinking  on  this  is  that,  like  almost  everyone  I  know, 
after  I  buy  music  from  iTunes  I  often  want  to  listen  to  it  on  a 


device  other  than  an  iPod.  To  do  this  I  have  to  burn  the 
tracks  to  a  CD,  then  rip  that  CD  to  MP3  files.  While  the 
process  does  give  me  a  backup  copy,  it  wastes  CDs  and  is 
always  far  more  time-consuming  than  I  would  like. 

So,  after  looking  around  and  trying  a  few  products  that 
didn’t  do  what  I  wanted  —  they  provided  only  a  virtual 
drive  and  weren’t  actual  burner  emulators  —  I  stumbled 
across  an  ambitious  piece  of  software  engineering  named 
Virtual  CD  published  by  H+H  Software. 

After  I  buy  music  from  iTunes  I 
often  want  to  listen  to  it  on  a 
device  other  than  an  iPod. 

Virtual  CD  is  available  as  both  32-  and  64-bit  drivers  for 
Windows  XP  Windows  XP64  and  Windows  Vista,  and  is 
pretty  painless  to  install.  Given  that  it  is  a  device  driver,  I 
didn’t  mind  having  to  reboot  (something  I  consider  a  sin 
when  installing  any  nonsystem-level  program). 

Virtual  CD’s  main  user  interface,  the  Toolbox,  gives  you 
access  to  the  suite’s  huge  number  of  functions.There’s  also 
an  optional  “autohideable”  task  pane  that  provides  access 
to  all  of  the  functions,  and  you  can  create  simple  scripts 
that  can  load,  burn  and  unload  virtual  and  real  media. 

The  top-level  features  include  “Main  tasks  in  Virtual  CD,” 
“Working  with  virtual  CDs, ’’“Burning  virtual  CDs  and  DVDs,” 
“Helper  programs,”  “All  Virtual  CD  programs"  and  “Docu¬ 
mentation.”  Any  feature  can  be  saved  as  a  shortcut  to  the 


desktop,  which  makes  workflow  automation  very  easy 

You  can  define  as  many  as  23  drives  as  burners  or  read¬ 
only  drives  and,  as  far  as  the  software  I’ve  tried  is  con¬ 
cerned,  the  Virtual  CD  drives  look  exactly  like  what  they  are 
supposed  to  be  —  real  drives. 

1  configured  a  virtual  burner  on  drive  K:  and  under  the 
“Burning  virtual  CDs  and  DVDs,”  ran  the  feature  to  create  a 
virtual  blank,  700MB,  ISO-formatted  CD,  which  I  then  loaded 
onto  K:drive. 

After  setting  up  the  burner  I  instructed  iTunes  to  burn  an 
audio  CD  with  a  sample  rate  of  192Kbps.  Because  the  drive 
is  a  virtual  burner,  burning  happens  at  a  much  higher  speed 
than  it  would  with  a  real  burner.According  to  the  company 
the  virtual  burners  can  run  as  fast  as  78X  for  CDs  and  9.8X 
for  DVDs;  the  actual  speed,  of  course,  depends  on  your  spe¬ 
cific  PC  configuration.  I  haven’t  yet  tried  burning  virtual 
DVDs,  but  for  virtual  CDs  I  got  about  60X. 

Now  that  I  had  a  virtual  CD,  I  ripped  it  to  MP3s  using 
WinAmp,  which  in  turn  used  CD  Database  to  identify  the 
content  and  fill  in  the  MP3  header  fields.  Perfect. 

The  only  drawback  with  Virtual  CD  is  that  it  does  so  much 
it’s  hard  to  find  your  way  around,  and  it  could  be  a  bit  bet¬ 
ter  organized.Virtual  CD  does  have  an  API  so  you  can  inte¬ 
grate  its  functions  with  other  applications.  In  addition,  there 
are  network  versions  so  you  can  manage  virtual  burners 
and  drives  on  multiple  workstations.  All  told,  Virtual  CD  is 
an  amazing  product  —  and  at  $39.95,  a  steal! 

Whatchathink?  Tell  gearhead@gibbs.com. 


CoolTools 

Quick  takes  on  high-tech  toys.  Keith  Shaw 


The  scoop:  UpStage  (model  SPH-M620)  with  Sprint 
Nextel  service,  by  Samsung,  about  $300  ($100  with 
rebates  and  two-year  activation). 

What  it  is:  With  last  week’s  announcement  by  Apple  that  the  heavily 
hyped  iPhone  will  be  available  on  June  29,  time  is  running  out  for 
phone  companies  to  come  up  with  their  own  iPhone  killer  or  iPhone 
alternative.  Looking  at  the  dual-sided  Upstage  mobile  phone, one  has  to 
wonder  why  nobody  thought  of  merging  a  mobile  phone  and  a  digital 
music  player  before.  Until  now,  most  vendors  of  mobile  phones  with 
multiple  applications  and  features  squeezed  them  into  the  phone  inter¬ 
face  and  hoped  users  would  be  able  to  figure  out  how  to  use  the  cell¬ 
phone  keypad  for  listening  to  music  or  taking  a  digital  photo. 

Along  the  way  someone  thought,  “let’s  just  have  a  second  screen 
and  put  it  on  the  back  of  the  phone.”  Brilliant.  So,  on  one  side  of  the 
UpStage  is  a  larger  screen  that’s  dedicated  to  playing  music.  Its  thin 
silhouette  reminds  me  of  the  iPod  nano.  If  you  want  to  make  or 
answer  a  phone  call,  you  push  the  “flip”  button  on  the  side  and  turn 
the  phone  around,  and  voila,you  have  a  standard  cell-phone  user 
interface  and  keypad. 

Why  it’s  cool:  That  the  UpStage  is  dual-sided  is  its  coolest  feature,  but  the  device 
also  lets  you  download  songs  over  the  air  from  the  Sprint  Music  Store  —  or  you 
can  “side  load”  music  onto  the  miniSD  card  through  a  PC  (it  comes  with  an  SD 
card  adapter  as  well  as  a  USB  cable).  Other  features  are  a  1.3-megapixel  digital 
camera  and  camcorder,  Bluetooth  connectivity  for  a  hands-free  headset,  and 
Bluetooth  headphones  (for  listening  to  music  wirelessly). 

Some  caveats:  The  music-player  side  of  the  UpStage  wants  to  be  more  like  an 
iPhone,  with  a  touch-sensitive  keypad  instead  of  buttons  to  push.  Training 


yourself  to  apply  the  correct  pressure  on 
the  keypad  to  make  the  right  choice  takes 
a  while,  and  you’ll  either  get  very  frustrat¬ 
ed  by  this  process  or  you’ll  bear  with  it 
and  just  curse  at  the  menu  on  occasions. 
I  think  Samsung  was  trying  to  be  too  cute, 
providing  the  touch  interface  instead  of  a 
better  system  of  navigating  around 
menus. 

Holding  the  UpStage  can  be  tricky  also. 
No  matter  which  side  you’re  looking  at,  the 
other  side  will  be  touching  your  hand,  and 
both  displays  eventually  will  have  to  be 
cleaned  of  handprints,  fingerprints  and  so 
forth.  Fortunately,  the  UpStage  comes  with  a 
cover  battery  pack  that  doubles  as  a  sec¬ 
ond  portable  battery  and  case  cover  to  pro¬ 
tect  it  from  scratches  while  you’re  carrying 
it  around. 

Bottom  line:  With  the  Apple  iPhone 
(available  exclusively  from  AT&T)  com¬ 
ing  very  soon,  it  should  be  interesting  to 
see  whether  Sprint  will  market  the  UpStage  as  an  iPhone  killer  or  as  an  iPhone 
alternative.  From  a  technical  standpoint  the  UpStage  has  many  (if  not  more)  of 
the  features  the  iPhone  claims  to  support.  Without  the  Apple  mystique,  however, 
it  could  face  an  uphill  battle  as  other  vendors  and  carriers  come  out  with  their 
own  iPhone  combatants. 

Grade:  ★★★★  (out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com.  New  Cool  Tools  video  every 
Thursday,  and  Twisted  Pair  Podcast  every  Friday  at  www.networkworld.com. 


Samsung's  UpStage  offers  two  sides  with  different  fea¬ 
tures  —  one  is  a  phone  and  the  other  is  a  music  player. 


»  Worms,  trojans,  zombies,  phishers  and  spyware  all  nipping  at  your  network?  Then  jump  to  Juniper.  Juniper  Networks 
security  solutions  scale  from  large  distributed  enterprises  to  small  businesses  —  protecting  the  entire  network 
against  internal  and  external  threats. 

It’s  security  that’s  comprehensive,  cost-effective,  never  compromised. 


Juniper 

o' Net. 


Only  Juniper  makes  any  network  more  secure:  www.juniper.net/threatmanagement 


1.888. JUNIPER 
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Bots  on  your  net? 
Look  twice 

Think  the  botnets  you  read  about  consist  solely  of 
zombies  on  unprotected  consumer  PCs?  Think 
again. 

Gartner  predicts  that  by  year-end  75%  of  enterprises  “will 
be  infected  with  undetected,  financially  motivated,  targeted 
malware  that  evaded  traditional  perimeter  and  host  defens¬ 
es,”  and  early  reports  from  beta  customers  of  a  yet  to  be  re¬ 
leased  product  from  Mi5  show  how  nefarious  these  infec¬ 
tions  can  be. 

Mi5  says  it  installed  a  Web  security  beta  product  at  an  orga¬ 
nization  with  12,000  nodes  and  in  one  month  detected  22 
active  bots,  123  inactive  bots  and  was  watching  another  313 
suspected  bots.That  may  not  sound  like  a  lot,  but  those  bots 
were  responsible  for  136  million  bot-related  incidents,  such 
as  scanning  for  other  hosts  inside  the  firewall. 

Web  sites  are  the  source  of  all  this  nasty  code,  Mi5  says,  and 
Google  research  backs  that  up.  In  a  recently  released  report 
(see  www.nwdocfinder.com/9027)  Google  researchers  say 
they  did  an  in-depth  analysis  of  4.5  million  URLs  and  found 
that  450,000  —  one  in  10  —  were  “successfully  launching 
drive-by-downloads  of  malware  binaries."  Another  700,000 
URLs  seemed  malicious  but  the  researchers  had  lower  confi¬ 
dence  in  their  ability  to  label  them  as  such. 

Once  bots  have  successfully  infected  corporate  resources, 
they  scan  the  network  for  vulnerable  hosts, spread  where 
they  can  and  report  back  to  central  command  about  how 
many  systems  are  under  control. The  network  is  then  avail¬ 
able  for  whatever  wrongdoing  the  botnet  operator  has  in 
mind,  be  that  generating  spam,  launching  denial-of-service 
attacks  or  collecting  confidential  data. 

Bot  communications  with  controllers  is  where  bots  are 
most  detectable/vulnerable,  Mi5  says, so  reporting  is  typically 
limited  to  a  few  messages  per  month. That’s  one  of  the  things 
that  makes  bots  difficult  to  detect,  but  a  host  of  other  devel¬ 
opments  contribute  as  well. 

Lor  one,  botnets  today  typically  have  multiple  control 
servers  “It  used  to  be  if  you  cut  off  the  head  you  killed  the 
net,”  says  Doug  Camplejohn,  Mi5  CEO.  Now  botnets  have  mul¬ 
tiple  heads,  and  control  can  be  changed  every  few  minutes. 
They  even  dynamically  change  IP  addresses. 

And  two,  bots  also  are  infecting  more  than  just  desktops. 
SMI  P  servers  are  a  common  target,  Camplejohn  says,  and 
servers  in  genera!  are  being  increasingly  targeted,  even  Unix- 
based  servers. 

How  much  do  the  bad  guys  make  using  your  resources  to 
"in  their  business?  Camplejohn  says  the  going  rate  is  about  5 
cents  per  node, so  $50,000  rents  a  million-node  network 
capable  of  generating  20  to  25  gigabits  worth  of  traffic. 

Do  you  know  what's  on  your  network? 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Galling  Microsoft's  bluff 

In  reference  to  Tom  Henderson’s  story  “A  call  to 
action  against  Microsoft’s  open  source  threats” 
(www.nwdocfinder.com/9024),  I  have  to  take  issue 
with  him  regarding  the  quality  of  Microsoft’s  prod- 
ucts.They  have  always  been  buggy  and  counterintu¬ 
itive  to  use. 

With  regard  to  the  concept  of  patents,  they  were 
invented  by  King  James  to  benefit  society  not  indi¬ 
viduals.  If  there  were  no  software  patents,  would  it 
result  in  less-innovative  software  being  written?  1 
think  not.  Are  monopolies,  in  any  guise,  good  for 
democratic  capitalist  society?  I  think  not.  Do  soft¬ 
ware  patents  teach  us  anything  we  wouldn’t  already 
know  or  be  able  to  figure  out  ourselves?  I  think  not. 
In  other  words,  there  is  no  merit  in  the  concept  of 
software  patents. 

Consider  another  aspect  of  this  matter.  It  is  an 
offense  to  obtain  money  by  menacing  someone. 
Without  substantive  proof,  Microsoft  is  demanding 
money  from  people  using  open  source.  I  think  it 
would  be  a  better  proposition  to  mount  a  class- 
action  suit  against  Microsoft  seeking  fines  of  mil¬ 
lions  of  dollars  a  day  until  it  withdraws  its  claims  and 
proves,  through  a  normal  process  of  law,  its  claims 
have  substance. 

Microsoft  should  be  required  to  prove  its  case 
before  it  causes  alarm  by  demanding  payment 
where  none  is  due.To  the  reasonable  person,  it  seems 
Microsoft’s  tactics  aim  to  discourage  investment  and 
stymie  the  use  of  open  source  software  by  corpora¬ 
tions.  On  the  basis  of  what  is  known,  it  would  appear 
Microsoft  could  be  guilty  of  fraudulent  behavior  in 
that  it  seeks  to  benefit  through  deception. 

To  do  this  constitutes  an  offense  under  common 
law.  If  it  proves  its  case,  it  should  make  public  the 
source  code  it  claims  has  been  infringed.  Once 
Microsoft  has  provided  the  source  code,  it  should 


be  placed  on  a  Web  site  for  worldwide  scrutiny  to 
determine  if  there  is  prior  art  [a  patent  term  refer¬ 
ring  to  existing  knowledge]  or  if  the  code  has 
been  copied  from  someone  else.  I  am  certain  that 
anyone  skilled  in  the  art  would  find  the  code  to  be 
of  an  obvious  nature. 

Kevin  Loughrey 
Managing  director 
A  Perfect  PC  and  Non  Volatile  Technologies 

SydneyAustralia 

Support  for  Musthaler 

Re:  Linda  Musthaler’s  column  on  broadband  being 
vital  to  the  United  States’  economic  future  (www.nw 
docfinder.com/9025),  thank  you  for  an  excellent 
expose  of  what  we  lack.  It  took  stamina  and  guts  to 
open  the  door  for  the  American  people  to  know 
how  much  they  are  being  screwed.  I  would  be  will¬ 
ing  to  do  anything  I  can  to  help,  but  as  a  woman,  past 
60  and  handicapped,  who  is  going  to  listen  to  me? 

Leeland  Webster 
North  Wilkesboro,  N.C. 

Kudos  for  CGleaner 

In  reference  to  Mark  Gibbs’  recent  column  “Getting 
rid  of  the  rest  of  the  cruft”  (www.nwdocfinder.com 
/9026),the  best  features  of  CCleaner  are  that  it  has 
a  small  footprint  and  can  be  run  by  right-clicking 
the  Recycle  Bin.  But  the  best  feature  of  all  is  the 
Secure  Delete  function,  which  lets  you  shred  data 
with  a  7  pass  NSA  deletion  method. 

Matthew  G.  Davidson 
Glastonbury  Conn. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


Readers  respond  Find  out  what  readers  are  saying  about  these  and  other  topics. 
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Virtual  Academy  of  Technology 

Continuing  Education  for  Small  and  Medium  Businesses 


w  w  w.v  irtua  l  academy-nww.com 


It’s  a  world  of  opportunity,  if  you  are 
ready— and  able.  Through  ups  and 
through  downs,  the  key  to  survival  and 
success  is  to  maintain  and  sharpen  your 
competitive  edge.  SMBs  have  a  particu¬ 
larly  daunting  challenge  because  they 
must  be  able  to  compete  with  industry 
giants  as  well  as  small  upstarts. 

Competitive 

That  means  making  smart  technology 
investment  choices  that  position  you  to 
succeed  and  grow,  while  keeping  costs 
in  check. 


The  Virtual  Academy  of  Technology  is 
your  online  resource  to  help  you  make 
choices  that  will  get  you  competitive 
and  keep  you  competitive— with  the  lat¬ 
est  information  from  industry  experts  as 
well  as  new  ideas  from  your  peers. 


THE  VIRTUAL  ACADEMY  OF 
TECHNOLOGY  INCLUDES: 


HONE  YOUR  ORGANIZATION’S 

COMPETITIVE  EDGE-BY  FIRST  SHARPENING 

YOUR  COMPETITIVE  THINKING 

The  Virtual  Academy  of  Technology  is  a  chance  to 
refresh  and  update  your  thinking  through  a  conven¬ 
ient  set  of  linked  educational  resources.  The 
Competitive  Edge  focus  of  Semester  Two  at  the 
Virtual  Academy  of  Technology  follows  up  on  the 
Semester  One  look  at  Total  Cost  of  Ownership  (TCO). 
And  if  you  want  to  participate  in  Semester  Two  but 
are  concerned  about  having  missed  Semester  One, 
don’t  worry — most  program  elements  are  still  avail¬ 
able  for  you  to  use. 


»  Topic-focused  websites 
»  Exclusive  white  papers 
»  Focused  and  relevant  videos 
»  Real-world  case  studies 
»  Carefully  crafted  tutorials 
»  Interactive  webcasts 

NETWORKWORLD 


sponsored  by: 


FREE  TICKET  TO 
Oracle  OpenWorld  2007 

There  are  even  special  incentives  for  participants  who 
successfully  satisfy  the  requirements  of  each  semes¬ 
ter,  including  an  exclusive  IDC  Workbook  with  facts 
and  exercises  to  help  you  understand  more  about 
decision-making  relative  to  business  applications  and 
technology  investments  for  small  and  medium  busi¬ 
nesses,  as  well  as  a  chance  to  win  a  free  ticket  to 
Oracle  OpenWorld,  November  11-15,  2007  at  the 
Moscone  Center  in  San  Francisco. 

To  learn  more  about  the  Virtual  Academy  of 
Technology,  visit:  www.virtualacademy-nww.com. 
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SERVERS.  CONTINUED  FROM  PAGE  1 


Because  vendor  blade  offerings  have  at  least  some  things  in 
common,  we  believe  these  tesh results  are  applicable  generally 
to  blades  from  other  vendors  —  Dell  and  HTffor  example  — 
although  there  may  be  vendor-specific  considerations  in 
assessing  prod (lets'  from  other  vendors. 


ilMiftT 


ir  RACKS 

m 


We  found  that  blade  servers  reduce  but  don’t  elimi¬ 
nate  redundant  hardware  components  requiring  elec¬ 
trical  power,  a  pivotal  consideration  in  total  cost  of 
ownership  (TCO).That  said,  while  IBM’s  blade  servers 
equaled  the  performance  of  its  rackables,  the  blades 
were  more  power  efficient  and  potentially  much  eas¬ 
ier  to  service. 

While  rackables  are  less  expensive  than  blades  when 
buying  only  one  or  two  servers  because  you  have  to 
factor  in  the  cost  of  the  blade  chassis,  a  fully  config¬ 
ured  blade  chassis  is  the  more  economical  hardware 
buy  than  purchasing  the  same  number  of  rackable 
servers.  On  the  other  hand,  adopting  a  blade  configu¬ 
ration  demands  a  vendor  lock-in  that  rackables  don’t 
because  they  can  be  added  one  at  a  time  as  needed. 
Also,  blades  fall  short  for  applications  that  require 
large  amounts  of  on-board  storage. 

Product  details 

We  tested  two  types  of  blades  from  IBM,  the  HS21 
and  HS21  XM.  Both  slid  into  the  IBM  Blade  Center  H 
(BC-H)  chassis  comprising  a  10GB  Ethernet  switch,  a 
1GB  Ethernet  switch  and  four  power  supplies. The  XM 
had  a  2.33GHz  Intel  quad-core  CPU,  and  the  HS21  had 
a  2.0GHz  CPU.  IBM  sent  the  XMs  with  16GB  of  double- 
data-rate,  second-generation  (DDR2)  memory,  and  the 
HS21s  with  8GB  of  DDR2  memory. 

In  their  specifications,  these  blades  are  comparable 
to  the  two  x3550  rack  servers  that  IBM  sent,  except  that 
there’s  more  space  available  inside  the  x3550s.  IBM 
also  sent  one  x3650  2U  server,  which  included  three 
RAID  drives  in  RAID  5  configuration, a  RAID  controller 
and  a  hot-spare  drive. 

Prices  for  the  blades  ranged  from  $7,100  for  an  HS21 
with  2.0GHz  twin-quad-core  Intel  CPUs  with  8GB  of 
memory,  to  $9,800  for  a  hefty  HS21  XM  with  a  twin  set 
of  Intel  2.33GHz  quad-core  CPUs,  16GB  of  memory 
and  an  onboard  RAID  0/1  configuration.  Additionally, 
the  BC-H  chassis  runs  about  $17,000. 

The  rackables  cost  $7,900  to  $9,300  depending  on 
CPU  clock-speed  enhancements,  extra  memory  and 
RAID  controllers  with  extra  drives. 

Blade  servers’  drawbacks  still  prevent  their  adop¬ 
tion  for  some  applications,  such  as  those  requiring 
large  amounts  of  on-board,  indeterminate  storage 
expansion. 

Even  though  performance  tests  among  servers  with 
comparable  CPU  clock  and  memory  configurations 
were  virtually  identical,  faster  CPUs  probably  will 
arrive  first  in  rackable  form.  This  may  not  always  be 
true,  but  our  experience  suggests  any  vendor  can 
adapt  the  1U  or  2U  form  factor  rapidly,  while  blade 
vendors  have  to  plan  in  advance  to  accommodate 
new  motherboard  component  combinations. 

Blades’  density  sometimes  works  against  them. 
They  weigh  more  than  rack-mounted  servers.  The 
backplanes  of  blade  servers  also  represent  potential 
(but  rare)  single  points  of  failure  —  despite  redun¬ 
dant  power  supplies  and  other  duplicated  or  redun¬ 
dant  components. 


In  addition,  a  data  center  using  blades 
is  captive  to  the  vendor’s  business  part¬ 
ners  to  supply  such  devices  as  storage- 
area  network  (SAN)  switches  or  Ethernet  switches, 
because  these  must  be  housed  inside  the  blade  chas¬ 
sis.  This  is  OK  if  the  vendor  is  competent,  spares  are 
available,  and  the  chosen  technology  components 
mesh  with  current  and  proposed  network  operations 
center  (NOC)  gear.  If  all  works  with  little  orchestra¬ 
tion,  costs  will  remain  low. 

Performance  is  a  wash 

Performance  among  the  IBM  servers  we  tested  was 
startlingly  similar.  All  had  Intel  quad-core  CPUs  — 
two  per  server  —  and  the  performance  variables  we 
saw  favored  RAID  1  and  RAID  5  configurations  in 
terms  of  speed. 

Our  usual  benchmark,  LMBench3,  showed  that  one 
of  the  tougher  tests  —  processor  fork+execve  (which 
deals  with  file  I/O  and  memory  shifting)  —  executed 
in  an  average  of  173.2  microsec  vs.  289.9  microsec,  a 
40%  increase  in  speed. 

The  results  of  all  tests  on  all  IBM  servers  were  almost 
identical  —  except  that  the  RAID  drives  on  the  HS21 
XM  models  and  x3650  server  were  slightly  faster  than 
NT-File-System-  or  ext3-formatted  drives.  The  faster, 
2.66GHz  CPU  clock  of  the  x3550  and  x3650  units  gave 
them  a  slight  performance  edge  as  well. 

Comparing  the  performance  characteristics  of  these 
servers,  therefore,  is  an  exercise  in  apples-to-apples,  if 
you’ll  pardon  the  testing  pun. 

It  largely  all  boils  down  to  power 

Often,  not  enough  attention  is  paid  to  what  may  be  the 
largest  server  operational  cost:  power  consumption. 

IBM’s  stated  power  budget  for  the  blades  and  the 
rack  servers  was  higher  than  we  measured.  In  our  test, 


THE  TALLY 

Blades  vs.  rackables: 

What’s  got  the  edge? 

This  tally  is  based  on  our  hands-on 
assessment  of  equivalent  numbers  of 
IBM  XM  blade  servers  and  IBM  x3550 
and  x3650  rackable  servers. 
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68  degrees  Fahrenheit)  and  the  fact  that  IBM  could 
not  supply  us  a  fully  loaded  blade  chassis  may  have 
contributed  to  lower-than-expected  power  consump¬ 
tion.  We  multiplied  our  measurements  to  obtain  a 
comparison  between  14  blade  servers  in  the  IBM  chas¬ 
sis  and  14  IBM  rack  servers. 

If  data-center  cooling  and  power  and  the  center’s 
floor  load-bearing  qualities  (the  floor  has  to  bear 
loads  that  literally  can  weigh  a  ton)  are  satisfactory,  a 
blade  chassis  filled  with  blades  provides  the  least 
expensive  TCO  in  terms  of  power  consumption  over 
five  years  (see  graphic,  below). 

Rack  servers,  compared  with  the  components  in  the 
blade  server  and  a  fully  loaded  blade  server,  consume 
more  power,  and  this  adds  to  their  infrastructure 
expenditures  over  a  five-year  life.The  flexibility  of  hav- 


the  low  ambient  temperature  (our  lab  operates  at 

See  Servers,  page  24 

TRACKING  POWER 

IBM  server  model 

CONSUMPTI 

Base  power  consumption 

ON 

Kilowatt  hours 
consumed  over 
five  years 

Total  cost  at 

3  cents  per  kW/hour 
over  five  years 

BC-H  Chassis,  no  blades 

.510  kilowatt/hr 

22,350 

$670.50 

BC-H  HS21  blade 

.318  kilowatt/hr 

13,936 

$418.08 

x3550  server 

.373  kilowatt/hr 

16,346 

$490.39 

x3650  server 

.455  kilowatt/hr 

19,940 

$598.20 

BC-H  chassis  with  14,  HS21  blades 

4.962  kilowatt/hr 

217,455 

$6,523.65 

14  x3550  servers 

5.222  kilowatt/hr 

228,849 

$6,865.46 

14  x3650  servers 

6.370  kilowatt/hr 

279,259 

$8,374.80 

Figures  do  not  include  costs  for  cooling  or  redundancy. The  server  configurations  tested  were  what  IBM  referred 
to  as  typical  and  did  not  have  advanced  options,  maximum  memory  and  any  additional  Fibre  Channel,  InfiniBand 
or  other  PCIe  bus  cards  that  probably  would  lead  to  higher  power  consumption. 
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PBX,  your  gateways,  even  your  phones.  Add  software.  Software  th<v  imeovte- 
with  Active  Directory,®  Microsoft1*  Office,  Microsoft  Exchange  Set  -r  and 
PBX.  Simply  maximize  your  current  PBX  investment  and  rrf&fe  if  part  o'  you?  hen 
software-based  VoIP  solution.  Because  what  you  have  is  good  yVha;  >  oL»  ivv*  w  ‘  \ 
the  right  software  is  even  better.  Learn  more  at  microscft  comfyo.p 


Let's  leave  the  hardware  where  it  is. 

Introducing  the  software-based  VoIP  solution  from  Microsoft.  It's  a  whole  new 
way  to  look  at  telephony.  As  it  turns  out,  that  important  move  to  VoIP  isn't  about 
ripping  and  replacing  or  big,  upfront  costs.  That's  because  it's  no  longer  about 
hardware.  It's  actually  about  software.  That's  right.  Keep  your  hardware — your 


Your  potential  Our  pcssjdpl. 

Microsoft 
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Servers 

continued  from  page  22 

ing  RAID  5  in  a  rack  server  is  offset  by  its  power  con¬ 
sumption,  although  with  a  blade  configuration  you 
might  run  into  additional  costs  for  external  storage. 

Toward  TCO 

The  cost  of  the  IBM  blade  server  configured  with  the 
maximum  14  blades  is  $1 17, 400.  Add  power  consump¬ 
tion  (except  for  the  cost  of  cooling),  and  the  total 
becomes  $123,900. 

The  equivalent  number  of  x3550  1U  servers  at  $7,900 
comes  to  $1 16,700.  When  the  cost  of  the  needed  six- 
port  10G  Ethernet  and  24-port  Gigabit  Ethernet  switch¬ 
es  and  power  consumption  costs  are  added,  the  cost 
climbs  to  $129,200.  The  x3650  has  a  total  capital  cost 
of  $129,800  ($9,300  each),  and  with  the  aforemen¬ 
tioned  10G  Ethernet  and  Gigabit  Ethernet  switches 
plus  power  consumption,  the  cost  comes  to  a  whop¬ 
ping  $150,700. 

In  the  widest  stretch,  between  the  loaded  BC-H  vs. 
an  equivalent  number  of  x3650  servers,  there  is  an 
18%  price  differential  over  five  years. This  becomes 
amplified  if  power  costs  increase  over  our  —  admit¬ 
tedly  very  inexpensive  —  3  cents  per  kilowatt-hour, 
which  is  a  typical  price  for  a  large  NOC  in  the 
Midwest,  where  we  tested  this  gear.  In  other  parts  of 
the  country,  power  can  be  more  expensive  and  sub¬ 
ject  to  peak  usage  rates. 

Other  Implications 

Servicing  blades  ultimately  is  faster  than  servicing 
rack  servers  for  several  reasons.  First,  the  overall  size 
and  weight  of  a  blade  is  easier  to  handle  because  its 
power  supply  is  common  to  other  components.  We 
could  pull  a  blade  from  a  server  in  about  3  seconds, 
whereas  pulling  a  rack  server  took  more  than  a 
minute,  even  when  cable  management  components 


were  well  designed  and  implemented.  It  would  take 
much  longer  if  a  rack  was  in  any  state  of  disarray. 

We  measured  how  long,  once  a  unit  was  out  of  a 
rack,  it  takes  to  change  memory  or  a  hard  drive  —  the 
two  components  most  frequently  changed  by  a  server 
administrator.  In  this  case,  the  times  were  a  wash.  The 
time  needed  to  reinsert  equipment  and  bring  a  server 
back  online  was  far  faster  with  a  blade  server  than 
with  a  rack  server  because  no  cables  needed  to  be 
reconnected. 

There  is  much  to  be  said  for  how  using  blades 
reduces  the  number  of  power  cables  needed,  as 
power  cables  are  reduced  from  as  many  as  80  to 
eight. The  number  of  copper  or  fiber  Ethernet  cables 
also  is  reduced  dramatically,  as  well  as  the  clutter 
that  cables  introduce  and  the  air  flow  reduction  that 
they  represent. 

Additional  costs  are  associated  with  management 
components.  In  the  case  of  the  IBM  servers  we  tested, 
we  used  IBM  Director  to  manage  both  types.  Director 
must  be  “housed”  on  its  own  rackable  server  or  blade, 
and  the  server  has  its  own  set  of  costs,  although  it  need 
not  be  a  high  performer  with  lots  of  storage.  We  down¬ 
loaded  various  operating  systems,  including  several 
instances  running  via  EMC’sVMware  ESX,  and  config¬ 
ured  them  on  the  blade  and  rackable  servers  using 
Director.  Some  vendors  charge  per  installation  or  per 
server  for  management  components,  and  it’s  impor¬ 
tant  to  check  how  much  these  valuable  and  time¬ 
saving  applications  will  cost. 

Blade  Limitations 

The  amount  of  onboard  blade-server  storage  media  is 
limited,  a  function  of  the  small  size  of  a  blade  and  its 
heat  dispersion  needs.The  blades  we  tested  could  have 
RAID  configurations  on  them,  but  only  a  RAID  1  mirror¬ 
ing  or  RAID  0  nonredundant  disk  striping.  This  means 
that  capacities  are  bound  by  the  size  of  the  drives  ven- 
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How  we  did  it 


tested  four  types  of  IBM 
servers.  An  IBM  blade  chassis 
(BC-H)  was  used  to  house 
blades,  and  we  mounted  servers  into  our  racks. 
We  used  a  TED  Model  1000  power  meter  that  mea¬ 
sures  kilowatt-hours  attached  to  a  custom-built 
cabling  plug  and  receptacle  device  to  perform  a 
240VAC  [volts  in  alternating  current]  split-phase 
measurement  for  the  blade  server  chassis  and  a 
120VAC  single-phase  measurement  for  the  rack- 
able  units. 

Measurements  were  taken  directly  from  the 
equipment.  We  multiplied  the  counted  kilowatts-per- 
hour  measurement  by  43,284  hours  to  obtain  the 
number  of  kilowatt-hours  the  equipment  would  use 
over  a  five-year  period  including  a  single  leap  year. 

We  measured  the  performance  of  each  server 
and  blade  running  Windows  2003  Enterprise  Server 
R2  and  Red  Hat  Enterprise  Linux  5  in  default  con¬ 
figurations  (no  optimizations  were  used).  The  blade 
servers  and  rack  servers  performed  essentially 
identically  and  very  well.  One  server,  the  x3650,  had 
slightly  better  disk  performance,  we  believe 
because  of  its  RAID  5  configuration.  Loads  were 
spawned  by  scripts  that  simultaneously  performed 
calculations  of  arrays,  wrote  to  local  storage 
(disks)  and  performed  a  secure  FTP  download. 

THE  FULL  SPECIFICATIONS  OF  THE  IBM 
SERVERSTESTED  ARE  AS  FOLLOWS: 

□  BC-H  Blade  Center  blade  chassis  (no  blades, 
but  including  a  10GB  Ethernet  switch,  1GB 
Ethernet  switch,  four  power  supplies) 

□  HS21  blade,  Model  8853  (two  2.0GHz  Intel  Ouad 
Core  CPUs,  1 ,333GHz  front  side  bus  (FSB),  8GB 
DDR2  memory,  two  73GB  serial-attached  SCSI 
[SAS]  drives) 


□  HS21  XM  blade,  Model  7995  (two  2.33GHz  Intel 
Ouad  Core  CPUs,  1 ,333GHz  FSB,  16GB  DDR2 
memory,  one  73GB  SAS  drive) 


□  x3650  Model  7979  (two  2.66GHz  Intel  Ouad  Core 
CPUs,  1.333GHz  FSB,  8GB  DDR2  memory,  Server 
RAID  host  bus  adapter,  four  73GB  SAS  drives, 
two  redundant  power  supplies) 


□  x3550  Model  7978  (1U  two  2.66GHz  Intel  Ouad 
Core  CPUs,  1.333GHz  FSB,  8GB  DDR2  memory, 
Server  RAID  host  bus  adapter,  two  73GB  SAS 
drives,  two  redundant  power  supplies) 


The  rackable  wiring  quandary 

BY  TOM  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

Many  data  centers  were  designed  to  provide  floor-based  plenum  cooling  in  an  era  when  a  42U  rack  might  have 
to  dissipate  just  3kW  of  server  power.  In  such  a  rack,  typically  a  maximum  of  42U  can  be  used,  and  a  rack 
with  40  servers  (with  2U  reserved  for  Ethernet  switches)  means  the  power  requirement  must  be  made  for 
20kW  —  nearly  seven  times  the  load  the  data  center  may  have  been  designed  to  both  provide  power  for,  and  to  cool. 

In  addition,  40U  of  rackable  servers  can  mean  a  minimum  of  40  power  cables  (double  that  number  for  redundant 
power  sourcing,  for  a  total  of  80  power  cables)  and  at  minimum,  40  Ethernet  cables  (and  the  two-24-port  or  one-48 
port  Gigabit  Ethernet  switch  needed  to  link  them  in  a  network).  This  produces  a  spaghetti-of-cables  effect  that  can 
block  some  of  the  airflow  needed  to  chill  the  cabinet  adequately.  While  headless  (meaning  no 
monitor/keyboard/mouse)  operation  is  typical,  accessibility  for  each  server  becomes  difficult  in  terms  of  requiring 
additional  equipment  (a  ladder,  as  an  example)  to  service  a  single  rackable  server. 

The  same  design  characteristic  of  older  data  centers  also  puts  a  certain  ceiling  on  the  number  of  blade  servers 
that  can  be  installed  into  a  single  rack,  unless  power  and  cooling  components  can  be  retrofit.  IBM  and  third-party 
vendors  such  as  APC,  Emerson  and  Leibert  offer  substantial  options  to  retrofit  data  centers  to  manage  very  high 
power  loads  at  an  additional  capital/operational  expenditure. 

Some  vendors  have  addressed  the  problem  by  offering  over-sized  racks  with  45,  48  and  custom 
unit  size  displacements.  Rack  depth  is  increasing  to  accommodate  deeper  chassis,  both  for  blade 
servers  and  for  rack-mounted  systems.  And  highly  articulate  cooling  schemes  have  also  become 
available  to  aid  front-to-back  cooling,  ratherthan  using  traditional  floor-based  chilled  air  plenums  — 
so  that  heat  dispersion  can  be  focused  for  high  cubic  feet  per  minute  chilling  loads  needed  by 
blades,  as  well  as  other  high-density  chassis  supporting  routers,  switches  and  VoIP  gateway  tele¬ 
phony  components. 
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dors  ship  with  the  blades,  in  this 
case,  a  limit  of  288GB  (maximum; 
we  tested  two  73GB  drives  in  the 
blades)  from  IBM.  Some  will 
argue  that  288GB  is  a  lot,  but  it’s  a 
ceiling  amount  unless  iSCSI,  Fibre 
Channel  or  other  SAN  connection 


methods  are  onboard  and  well 
configured. 

By  contrast,  the  2U  x3650  can 
have  a  RAID  5  configuration 
internally  by  using  four  drives 
—  three  for  RAID  and  one  as  a 
hot-spare.  These  drives,  like 
those  in  blade-server  housings, 
can  be  changed  to  accomodate 
larger  storage  needs,  but  it’s 


unlikely  that  administrators  will 
change  drives  once  a  unit  is  in 
service  for  a  production  appli¬ 
cation.  With  more  native  space 
available,  rack-mounted  servers 
have  a  higher  denominator  of 
native  storage  capability.  Some 
vendors  are  putting  this  same 
storage  capacity  in  1U  form- 
factor  rackable  servers  as  well. 


There’s  a  tendency  to  not 
change  components  in  a  work¬ 
ing  system  even  if  better  com¬ 
ponents  will  achieve  a  longer 
application  or  service  profile 
life. 

The  result  is  that  blades  need  to 
connect  to  an  external  SAN  if  it’s 
known  or  perceived  that  future 
storage-growth  needs  will  exceed 
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the  amount  of  space  available  on 
the  blade.  For  organizations  that 
have  SANs,  blade-server  attach¬ 
ments  are  well  understood, and  a 
variety  of  Fibre  Channel  SAN 
gear  is  available.  If  there’s  no  SAN 
nearby,  however,  iSCSI  can  be 
used,  subject  to  the  bandwidth 
consumed  over  Ethernet  connec¬ 
tions  by  the  virtualized  iSCSI- 
based  traffic. 

It’s  also  possible  to  put  addi¬ 
tional  I/O  cards  into  blades,  as 
well  as  into  rackables.  The  IBM 
line  uses  PCI  and  PCI  Express 
(PCIe)  cards  in  its  rackables. 
Options  to  increase  to  two  cards 
makes  rackables  more  flexible  in 
terms  of  I/O  card  expansion. The 
memory  options  in  blades  and 
rackables  are  similar. 

Another  potential  disadvantage 
to  blades  is  commitment.  If  you 
choose  a  blade-server  vendor, 
your  organization  becomes  cap¬ 
tive  to  that  vendor’s  service  poli¬ 
cies,  component  availability  and 
service  organization.  This  isn’t 
necessarily  the  case  for  1U  de¬ 
ployments,  because  the  1U  space 
can  be  occupied  by  any  vendor, 
but  a  blade  space  will  be  occu¬ 
pied  by  a  server  from  the  chassis’ 
manufacturer.  Relationships  be¬ 
come  tighter  if  a  blade  environ¬ 
ment  is  chosen. 

Bottom  Lines 

Blade  density  represents  a 
huge  pool  of  computing  power 
per  cubic  inch. Typically,  four  9U 
IBM  blade  chassis  will  fit  in  a 
42U  rack  with  space  to  spare, 
which  means  almost  20,000 
watts  of  power  to  cool.  Forty 
x3550  rackable  servers  in  the 
same  rack  use  at  most  75%  of 
that  wattage.There  are  56  blades 
in  this  configuration,  however, 
vs.  40  rackables  inside  a  single 
rack,  maximized  in  this  way. 

Performance  was  essentially 
the  same  between  rackables 
and  blades.  Blades  are  easier  to 
manage  and  service.  We  believe 
there’s  a  vendor-captivity  ele¬ 
ment  to  purchasing  or  deploy¬ 
ing  blade  servers,  as  well  as  a 
decided  limitation  on  local 
storage.  However,  in  an  organi¬ 
zation  with  very  good  data  cen¬ 
ter  infrastructure,  if  you  can  live 
with  the  vendors  as  in-laws, 
you’ll  love  the  blades. 

Henderson  is  principal  re¬ 
searcher  and  Dvorak  a  researcher 
at  ExtremeLabs  in  Indianapolis. 
They  can  be  reached  at  thender 
son@extremelabs.com  and  rdvo 
rak@extremelabs.  com. 
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Symantec’s  Enterprise  Vault 
finds  what  you're  looking  for 

E-mail  archiving  tool  homes  in  on  locating  stored  messages  for  compliance 

BY  JOEL  SNYDER,  NETWORK  WORLD  LAB  ALLIANCE 

Symantec’s  Enterprise  Vault  system  provides  e-mail  and  file  archiving,  regu¬ 
latory  compliance  and  legal-discovery  features  suitable  for  the  enterprise. 


In  this  exclusive  test  of  Symantec’s  latest  release,  EV  7.0, 
we  found  the  product  provides  a  very  deep  set  of  search 
and  recovery  tools  that  can  tap  into  information  archived 
from  a  wide  variety  of  sources. 

With  support  for  Microsoft  Exchange  and  Lotus  Domino, 
as  well  as  any  SMTP  connection,  EV  can  work  with  any 
enterprise  mail  system.  In  addition,  support  for  archiving 
other  information  repositories  across  the  enterprise,  includ¬ 
ing  shared  file  systems  and  Microsoft  SharePoint  services, 
gives  EV  the  ability  to  pull  data  from  an  even  wider  field. EV 
is  heavily  linked  into  Microsoft  Exchange  clients,  so  we 
were  also  able  to  see  benefits  for  users  —  including  auto¬ 
mated  message  archiving  and  deletion  —  tightly  integrated 
into  the  Outlook  e-mail  client. 

We  did  not  test  archiving  performance  but  focused  on  the 
product’s  integration  capabilities  and  its  search  and  recov¬ 
ery  features  (see  “How  we  did  it”  at  www.nwdocfind 
er.com/9023). 

In  our  tests  using  Exchange  2007,  we  focused  on  e-mail 
applications  as  the  most  likely  and  interesting  data  stores 
for  enterprise  IT.  EV  talks  to  Exchange  in  two  ways.  First,  it 
can  link  into  the  journaling  capability  of  Exchange  to  get  a 
copy  of  every  message  that  passes  through  your  mail  sys¬ 
tem.  In  Exchange  2007,  Microsoft  requires  that  all  messages 
go  through  a  messaging  hub  (even  if  they  are  passed 
between  users  in  the  same  message  store)  and  then  pro- 


EV  gets  the  joke 

One  issue  with  any  archiving  and  compliance 
system  is  that  it's  difficult  to  separate  out  the 
lunch  dates  from  the  confidential  information. 
EV’s  Automatic  Classification  Engine  (ACE)  was 
designed  to  address  this  issue. 

Each  message  entered  into  EV  can  be  run  past  a 
set  of  classification  rules  such  as  looking  for  particu¬ 
lar  message  characteristics  (an  MP3  attachment)  or 
content  (including  looking  for  jokes).  As  a  message 
matches  different  rules,  tags  can  be  attached  that 
can  be  used  within  EV  as  part  of  a  search. 

ACE  caught  nine  out  of  10  jokes  in  our  test,  miss¬ 
ing  out  only  on  a  parody  about  cottage  cheese. 
With  that  high  catch  rate,  ACE  could  assist  in  both 
compliance  and  discovery  tasks. 


vides  a  way  for  third-party  applications,  such  as  EV  to  get 
copies  of  those  messages  as  they  fly  by  We  turned  on  jour¬ 
naling  for  Exchange  2007  on  the  messaging  hub  and  veri¬ 
fied  that  messages  sent  using  an  Exchange  2007  server 
were  captured  by  EV  according  to  policy 

The  second  link  to  Exchange  for  EV  is  directly  into  each 
user’s  mailbox.  When  EV  has  its  fingers  deep  into  the  mail¬ 
box,  it  can  grab  messages  and  move  them  to  the  vault,  leav¬ 
ing  behind  a  shortcut  that  will  let  the  user  get  at  the  mes¬ 
sage  moved  to  the  EV  message  store.  Once  the  message  is 
controlled  by  EV  you  can  apply  a  range  of  retention  poli¬ 
cies,  enforcing  automatic  deletion  in  the  end. 

Although  the  integration  with  Exchange  is  slick,  we  were 
concerned  that  moving  messages  out  of  Exchange  and 
into  EV  trades  off  one  storage  nightmare  for  another. 
However,  we  found  that  EV  can  save  message  space  in  sev¬ 
eral  ways.  First,  EV  maintains  “single  instance”  storage  of 
messages  even  across  different  Exchange  servers.  This 
means  you  need  a  single  larger  storage  system  rather  than 
a  series  of  smaller  ones,  as  in  Exchange.  Because  EV  is  a 
“write  mostly”  type  of  application  with  a  much  lower  trans¬ 
action  rate  than  an  Exchange  server,  storage  cost  can  be 
much  lower. Second,  because  EV  can  operate  across  multi¬ 
ple  journaling,  compliance  and  archiving  applications,  you 
don’t  have  copies  of  each  message  for  each  application. 

Symantec  also  offers  a  tool  kit  of  three  applications  (PST 
Locator,  PST  Collector  and  PST  Migrator)  to  hunt  down  and 
archive  personal  mailboxes  (.PST  files)  on  individual’s  lap¬ 
tops  and  desktops  across  the  enterprise.  EV  also  can  archive 
documents  in  public  folders  within  Exchange,  as  well  as  on 
Windows  file  servers  and  Microsoft  SharePoint  servers. 

One  direct  hook  that  EV  doesn’t  have  is  into  instant  mes¬ 
saging.  Although  it  has  some  support  for  linking  to  other  IM- 
archiving  systems,  the  document-based  orientation  of  EV 
doesn’t  mesh  well  with  the  synchronous  nature  of  IM  traffic. 

Some  may  buy  EV  for  its  retention  enforcement  tools  and 
ability  to  offload  messages  from  overloaded  Exchange  ser¬ 
vers,  but  most  will  look  at  it  to  satisfy  legal  discovery  and 
regulatory  compliance.  For  users,  EV  offers  a  direct  plug-in 
for  Outlook  that  directly  links  to  their  archived  messages, 
along  with  any  other  vaults  they  have  permissions  to  see. 
This  plug-in  not  only  allows  message  searching,  but  can 
be  used  to  move  messages  in  and  out  of  the  vault.  We 
found  that  the  plug-in  worked  moderately  well  but  not 
perfectly  Users  on  Exchange  2007  could  not  archive  mes¬ 
sages  from  their  mailboxes,  and  one  of  our  Exchange 
2003  users  couldn’t  always  archive  his  own  mail. 
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E-MAIL  ARCHIVING  SOFTWARE 

SYMANTEC  ENTERPRISE  VAULT  V  7.0 

Symantec  .s  :ec  cc 

N(  Results  4.25 


Pricing  starts  at  $40  per  user,  including  one  year 
of  support. 

Pros:  Comprehensive  coverage  of  regulatory, 
discovery  and  archiving  requirements  for 
enterprise  e-mail  systems;  accepts 
documents  from  other  common  information 
sources,  including  file  servers  and 
SharePoint  servers;  strong  set  of  tools  for 
search  and  recovery  processes. 

Cons:  Midmarket  companies  may  find  it  difficult 
to  scale  down  product  for  smaller 
deployments. 


The  Breakdown 


Product  capabilities  and  features  35% 

4.5 

Management  console  and  user  interface 

25% 

4.5 

Interoperability  10% 

4 

Scalability  20% 

4 

Documentation  10% 

3.5 

Total  score 

4.25 

Scoring  Key: 

5:  Exceptional. 

4:  Very  good. 

3:  Average. 

2:  Below  average. 
1:  Subpar  or  not 
available. 
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Check  out  our  E-mail  Archiving  Buyer’s  Guide 
www.nwdocfinder.com/1037 


The  search  and  navigation  tool  is  available  within  a  Web 
browser,  with  access  privileges  defined  by  the  system 
manager.  Both  the  Outlook  plug-in  and  the  Web-based 
tools  preserve  the  folder  hierarchy  within  Outlook.  If 
you’re  looking  for  something  in  your  mailbox  or  someone 
else’s,  you  can  get  considerable  hints  based  on  how  the 
messages  are  filed.  A  second  Web-based  search  interface 
lets  you  search  across  multiple  users  and  archive  types, 
though  you  lose  the  ability  to  see  metadata. 

The  other  two  search  tools  are  specifically  aimed  at  legal 
discovery  and  regulatory  compliance.  Discovery  Acceler¬ 
ator  goes  beyond  simply  searching  for  messages  and  lets 
the  researcher  collect  messages  together  as  part  of  a  case, 
put  messages  on  “hold”  (so  they  don’t  get  deleted),  export 
messages  and  documents,  and  manage  the  task  of  review¬ 
ing  messages  for  relevance. 

Compliance  Accelerator  serves  a  different  purpose:  setting 
aside  a  sample  of  messages  from  monitored  employees  for 
review.  Compliance  Accelerator  has  tools  to  define  employ¬ 
ees,  departments  and  reviewers,  and  to  set  the  sample  size, 
as  well  as  speciaFhot  word”queries  to  add  to  the  list  of  mes¬ 
sages  that  must  be  reviewed. 

Overall,  EV  7.0  offers  an  outstanding,  multifaceted, set  of 
tools  that  can  be  used  for  email  retention  enforcement, 
offline  storage  management,  legal  discovery  and  regula¬ 
tory  compliance.  While  it’s  always  possible  to  make  a 
good  thing  better,  users  of  EV  7.0  will  likely  find  that  its 
capabilities  will  exceed  their  needs. 

Snyder  is  senior  partner  at  Opus  One ,  a  consulting  firm ,  in 
Tucson,  Ariz.  He  can  be  reached  at  Joel.Snyder@opusi .com. 
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She’s  watching  PHYSICAL  SECURITY  with  video,  motion, 

and  door  switches. 


1 

■ 
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•  She’s  tracking  ENVIRONMENTAL  THREATS  like 
temperatures,  power  failures,  water  on  the  floor,  smoke,  fire, 
and  more. 


Motion 


She’s  checking  NETWORK  CONNECTIVITY 
and  SERVER  RESPONSE. 


Temperature 


Humidity 


Water 

Smoke 


The  IMS-4000  is  a  scaleable,  stand  alone. 
Infrastructure  Monitoring  System  with  data 
trending,  instant  notification,  integrated 
battery  backup,  and  redundant  communi¬ 
cation  paths  for  maximum  reliability. 


To  learn  more  visit 
www.ims-4000.com 


Monitor  everything  that  threatens  your  data  center, 

and  Know  Everything. 


Or  call  toll  free 
877-373-2700 


Protect  Your  IT  Equipment...  Don't  Wait  Until  It's  Too  Late! 


IT  &  Facilities  Environment  (Monitoring 

Digital  Temperature 
Digital  Humidity 

Main  /  UPS  Power  ^ - 

Flood  /  Water  Solutions 

Smoke  /Fire  Start  At  $245 


Cameras,  Sound,  Light,  Air  Flow, 
Room  Entry,  Dry  Contacts  &  More 


Easy  Online  Ordering  At 

Environment  Monitor.com 


'  AVTECH 

Software 


888.220.6700 

401.847.6700 


AVTECH.com 

EnvironmentMonitor.com 


1.408.727.1122 

i  ViVAY/m  t '  J  i  Cnfl<CfTT1 

info@recurrent.com 

EleClZfaR^Rt 


3431  De  La  Cruz  Blvd,  Santa  Clara,  CA  95054 


RELAX.  YOU’RE  IN  CONTROL  NOW 

Manage  remote  offices  from  wherever  you  are. 

Secure  your  Data  Center.  No  software  licensing  fees. 


,  V  ... 


::  UltraLink™ 

7  Digital  KVM  IP 


State  of  the  art  security 

Dependable,  Powerful,  Secure,  Guaranteed 

24/7  Mission  Critical  Reliability 
Industry  Best  Video  w 

USB,  PS/2,  Serial  Support 
Single,  Dual,  Quad  Models 


281  933  7673 
+44  (0)  1264  85057 
+65  6324  2322 
+617  3383  1540 


www.rose.com 

281  933  7673  800  333  9343 

ROSE  ELECTONICS  10707  STAN  CUFF  ROAD  -  HOUSTON,  TEXAS  77099 


KVM  Rack  Drawers 


The  most  efficient  way  to 
organize  your  server  room. 

1U  or  2U 

15",  17"  19"  or  20" 
VGA,  DVI 
PS/2,  USB,  or  Sun 
Touchpad  or  Trackball 

. . ”,"-V 


Panel  Mount  LCD 


Mounts  vertically  in  a 
standard  19"  rack. 

15",  17"  19",  20",  or  23" 

VGA,  DVI,  S-Video 
Optional  Touchscreen 
Optional  Built-in  KVM  Extenders 


Digital  KVM  IP 

Switches 

Switch  Si  control  1,000s 
or  computers  8t  network 
devices  over  IP 
Advanced  Security 
Hign  re  solution 
On-screen  menu 
>.>SB,  PS/2,  Sun,  Serial 


KVM  Extenders 

Extends  keyboard,  video, 
and  mouse  signals  up  to 
33,000  feet 

Rber,  CATx 
DVI,  VGA,  High  Res. 
PS/2,  USB,  Sun 
Audio,  Serial 


Multi-platform 
KVM  switches 

Switch  &  control  l,OOOs  of 
s>.  computers  and  network 
devices 

Advanced  Security 
High  resolution 
On-screen  menu 
USB,  PS/2,  Sun,  Serial 


Start  with  the  right  rack, 
and  you  can't  go  wrong. 

Get  the  seamlessly  integrated,  fully  compatible  NetShelter®  rack  system  from  APC®. 


APC,  the  name  you  trust  for  power  protection,  also 
offers  a  comprehensive  line  of  non-proprietary  racks,  rack 
accessories  and  management  tools  that  ensure  the  highest 
availability  in  a  multi-vendor  environment.  With  APC  racks, 
accessories,  and  management  tools,  you  can  design  a 
comprehensive  rack  solution  that  meets  your  availability 
needs  for  today  and  that  easily  scales  up  for  tomorrow. 

Need  assistance?  Our  expert  Configure-to-OrderTeam 
can  custom  tailor  a  complete  rack-mount  solution 
that  suits  your  specific  requirements. 

Contact  APC  today  and  protect  your  rack  application  with 
Legendary  Reliability®. 


The  NetShelter®  SX  is 
vendor  neutral  and  carries 
the  "Fits  Like  a  Glove" 
compatibility  guarantee. 


DELI  •  CISCO  •  LUCEMT  j 


P  =  Power  C  =  Cooling  R  =  Racks 


NetShelter  is  completely 
compatible  with  all  APC 
award-winning  InfraStruXure® 
architecture,  allowing  you  to 
add  rack,  power  and  cooling 
on  a  scalable  as-needed  basis. 


NetShelter  SX  starts  at  $1150 

Rack  enclosures  with  advanced  cooling,  power  distribution,  and 

cable  management  for  server  and  networking  applications  in  IT 

environments. 

•  Integrated  rear  cable  management  channels  allow  easy  routing, 
management  and  access  to  large  numbers  of  data  cables. 

•  3000  lbs.  weight  capacity. 

•  Vendor-neutral  mounting  for  guaranteed  compatibility. 

•  Toolless  mounting  increases  speed  of  deployment. 

Rack  PDU  starts  at  $89.99 

Power  distribution  that  remotely  controls  power  to  individual  outlets 
and  monitors  the  aggregate  power  consumption. 

•  Switched,  metered,  and  basic  models  available. 

•  Includes  horizontal/vertical  mounts,  toolless  or  easy  bracket  installation. 

•  Puts  power  in  the  racks  near  the  equipment  where  it  is  needed  most. 

•  Wide  range  of  input  and  output  connections  from  single-phase  to 
3-phase. 

Cable  Management  starts  at  $29.99 
Comprehensive  selection  of  accessories  designed  to  organize 
power  or  data  cables  within  a  rack  environment. 

•  Eliminates  clutter  and  cable  stress. 

•  OU  of  rack  space  with  the  vertical  cable  organizer. 

•  Quick-release  tabs,  toolless  mounting. 

Rack-Mount  Keyboard  Monitor  starts  at  $1550 
I U  rack-mountable  integrated  keyboard,  monitor  and  mouse. 

•  15"  or  17"  ultra-thin,  LCD  monitor  with  integrated  keyboard. 

•Ease  of  installation  minimizes  support  and  maintenance  costs 

ensuring  lower  total  cost  of  ownership. 

•  Can  be  used  in  a  variety  of  IT  environments  from  computer 
rooms  to  large  data  centers. 

Rack  Air  Removal  Unit  SX  starts  at  $2600 
Rear-door  fan  system  for  performance  heat  removal  up  to  23kW 

•  Temperature  controlled,  variable  speed  fans  allow  reduced 
energy  consumption  during  off-peak  cooling  periods. 

•  Ducted  exhaust  system  increases  air  conditioning  efficiency 
and  prevents  hot  spots  by  eliminating  recirculation. 

•  Manageable  via  Web,  SNMP,  Telnet  and  local  LCD  display. 

NetBotz®  Security  and  Environmental  starts  at  $889 
Protecting  IT  assets  from  physical  threats. 

Visual  monitoring  of  all  activities  in  the  data  center  or  wiring  closet. 
Third-party  monitoring  via  dry-contacts,  SNMP,  IPMI,  0-5V and  4-20mA 
User-configurable  alarm  and  escalation  policies. 

Temperature,  humidity,  and  leak  detection. 


Register  to  WIN  Five  1 U  Blanking  Panel  Kits  Value:  $1 14.95 

Say  goodbye  to  hot  racks!  Keep  enclosures  cool  -  and  efficiency  high  -  by  installing  blanking 
panels  (SKU:  AR8I08BLK)  in  unused  rack  space.  You'll  feel  the  difference!  Register  online  today. 

For  full  details.  Visit  www.apc.com/promo  Key  Code  t396x  •  Call  888.289.APCC  x3989  •  Fax  401.788.2797  Legendary  Reliability 

©2007  American  Power  Conversion  Corporation.  All  rights  reserved. 

NetBotz  and  NetShelter  are  registered  trademarks  of  American  Power  Conversion  Corporation.  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  AX4A6BF_NAMe 
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Rack-Mount  Fail-Safe  Transfer  Switches 


? 


The  Sentry  Fail-Safe  Transfer  Switch™  (FSTS)  features  two  input  power  feeds 
(A  &  B  In-Feeds).  If  either  in-feed  becomes  unavailable,  the  FSTS  auto-switches 
to  the  remaining  source. 


Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


FSTS  Features: 

>  Patent  Pending  In-feed  Sharing:  Each  in-feed  supports 
half  the  load 

>  Fast  Transfer  Rates:  Power  interruption  will  not  affect 
uptime  or  performance 

>  Phase  Synchronization:  Power  In-feeds  do  not  need  to 
be  phase  synchronized 

>  Input  Voltages:  1 00-1 20  or  208-240  VAC,  20/30  Amp 

>  Patented  Arc  Suppression:  Prevents  arcing  between  relay 
points  and  contacts  during  power  in-feed  transfers 

>  Branch  Circuit  Protection 

>  Local  RMS  load  current  monitoring  per  circuit 

>  Switches  on  power  drop,  brownout  or  over-voltage  conditions 


Server  Technology,  Inc. 

1040  Sandhill  Drive 
Reno,  NV  89521 
USA 


tf  +1.800.835.1515 
tel  +1.775.284.2000 
fax +1.775.284.2065 

www.servertech.com 

sales@servertech.com 
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Instantly  Search  Terabytes  of  Text 


images 


♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  and  PDF,  while  displaying  links,  formatting  and 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email  and 
attachments,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

♦  Spider  supports  static  and  dynamic  Web  content,  with  WYSWYG  hit-highlighting 

♦  API  supports.  NET/.  NET  2.0,  C++,  Java,  SQL  databases.  New. NET/. NET  2.0  Spider  API 


dtSearch®  Reviews 


♦  "Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 

and  returns  results  in  less  than  a  second"  -  InfoWorld 

♦  "For  combing  through  large  amounts  of  data,  dtSearch  "leads  the  market" 

-  Network  Computing 

♦  "Blindingly  fast"-  Computer  Forensics:  Incident  Response  Essentials 

♦  "Covers  all  data  sources  ...  powerful  Web-based  engines"-  eWEEK 

♦  "Searches  at  blazing  speeds"-  Computer  Reseller  News  Test  Center 

♦  "The  most  powerful  document  search  tool  on  the  market"-  Wired  Magazine 
For  hundreds  more  reviews  —  and  developer  case  studies  —  see  www.dtsearch.com 


■ 


Contact  dtSearch  for  fully-functional  evaluations 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


■ 


1-800-IT-FINDS  •  www.dtsearch.com 


Instantly  Search 

TerabytesofText 


nwMima 


HIGH-END,  LOW  COST 
LOAD  BALANCING  SOLUTIONS 

Prices  starting  at  S  1,499  with  no  per  server  license  fees. 


RECLAIM  YOUR  NETWORK 


Powerful.  Easy  to  use.  Affordable. 

The  Barracuda  Load  Balancer  is  designed  to 
deliver  powerful  IP  load  balancing  and 
|  network  intrusion  prevention  at  an 
affordable  price.  Like  our  award-winning 
Spam  Firewalls  and  Web  Filters,  configura¬ 
tion  is  simple  and  operation  is  virtually 
maintenance-free. 


FREE  EVALUATION  UNITS  AVAILABLE 

www.barracuda.com  or  1 -888-ANTI-SPAM 
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Introducing  the 


Efficiently  aggregate  full-duplex  data  into 
your  analysis  or  security  device. 

•Supports  10/100/1000 

•  Stream  into  two  different  devices 

•  Rack  mount  up  to  three  across 

•  Supports  all  commercial  analysis  systems 

•  Also  works  with  open-source  tools 

Learn  more.  Visit  www.networkTAPs.com. 


Buffer  options: 

256  MB . $1,495 

512  MB.... . $1,995 


nTAP 


TM 


Choose  from  a  variety  of  configurations,  options,  and  pricing.  Plus  a 
complete  line  of  copper  and  optical  nTAPs  for  full-duplex  analyzer  systems. 
Free  overnight  delivery* 

www.networkTAPs.com  •  1-866-GET-nTAP 


F€  C€ 


•Free  overnight  delivery  on  all  U.S.  orders  over  $295  confirmed  before  1 2  p.m.  Central  Time. 
©  2006  Network  Instruments,  LLC.  nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 


Looking  for  a  domain? 

With  1&1,  the  price  we  advertise  is  the  price  you  pay  for  a  domain 
registration.  There  are  no  hidden  fees  and  no  special  conditions  -  ever. 


©  2007  1&1  Internet,  Inc.  All  rights  reserved.  All  quoted  prices  are  based  on  standard  pricing  as  of  5/2/2007  for  a  one-year  registration  of  a  single  domain. 
Product  and  program  specifications,  availability,  and  pricing  are  subject  to  change  without  notice.  Visit  landl  com  for  details.  Go  Daddy  is  a  registered  trade¬ 
mark  of  Go  Daddy  Software,  Inc.;  Yahoo!  is  a  registered  trademark  of  Yahoo!  Inc. 


internet I 


visit  us  now 


1and1.com 


Check  out  l&l.com  for  rates 
on  .info  .name  .us  .biz  .ws 
.cc  .mobi  and  .tv 
domains. 


Free  with  every 
1&1  domain  registration: 

Private  Registration 

Protect  your  contact  information  from  spammers!  Your 
privacy  is  important.  That's  why,  unlike  other  registrars, 
we  offer  this  important  feature  free  of  charge. 

y  Starter  Website 

Choose  a  template  and  create  a  three 
page  website  in  minutes  -  always  ad  free! 

y  Search  Engine  Tools 

Get  your  website  listed  on  the  leading 
search  engines  in  a  few  easy  steps. 

y  1  GB  E-mail  Address 
/  24/7  Support 
y  Domain  Forwarding 
y  DNS  Management 
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M  Sales  Offices 


Hew  York/New  Jersey 

Tom  Davis,  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rocco,  Regional  Account  Director 
Kathy  Georgiyevskaya,  Integrated  Media  Coordinator 
Whitney Tavis,  Integrated  Media  Coordinator 
Internet:  tdavis,  elisas,  kgeorgiy.  wtavis@nwrAr.com 
(201)  634-2300/FAX:  (201)  634-9286  

Northeast 

Elisa  Della  Rocco,  Regional  Account  Director 

Internet:  elisas@nww.com 

(508)  460-3333/FAX:  (508)  460-1237 

Mid-Atlantic 

Jacqui  DiBianca,  Regional  Account  Director 
Internet:  jdibian@nww.com 

(610)  971-1530/FAX:  (610)  975-0837 _ 

Midwest/Central 

Tom  Davis,  Associate  Publisher,  Eastern  Region 

Internet:  tdavis@nww.com 

(201)  634-2314/FAX:  (201)  722-9786 

Southeast 

Don  Seay,  Regional  Account  Director 

Internet:  dseay@nww.com 

(404)  504-6225/FAX:  (404)  504-6212 

Northern  California/Northwest 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 

Karen  Wilde,  Regional  Account  Director 

Vanessa Tormey,  Regional  Account  Director 

Coretta  Wright,  Regional  Account  Manager 

Katie  Layng,  Account  Executive 

Jennifer  Hallett,  Account  Coordinator 

Carol  Kim,  Sales  Assistant 

Tina  Marfori,  Sales  Assistant 

Internet:  skupiec,  kwilde,  vtormey,  cwright,  klayng, 

jhallett,  ckim,  tmarfori@nww.com 

(510)  768-2800/FAX:  (510)  768-2801 
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Becky  Bogart,  Regional  Account  Director 
Internet:  bbogart@nww.com 
(949)  250-3006/FAX:  (949)  833-2857 


Online/Integrated  Solutions 

Susan  Cardoza,  Vice  President  Online  Sales/Operations 

Debbie  Lovell,  Online  Account  Manager 

Denise  Landry,  Sr.  Account  Coordinator 

Justine  Wallace,  Account  Coordinator 
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(508)  460-3333/FAX:  (508)  460-1192 
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national  computer  news. 
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Where  things  stand 

Select  network  management  tools  offering  IPv6  support: 


Tool 

Vendor 

IPv6  status 

Description  >  1 

Adonis,  Proteus  Appliances 

BlueCat  Networks 

Announced  IPv6  support  in  March 

DNS  and  DHCP  devices  support  IPv4  and  IPv6. 

AppCritical 

Apparent  Networks 

Due  by  June  2008 

IPv6  support  is  under  development  for  network  management  software. 

CiscoWorks 

Cisco 

Supports  IPv6 

Campus  management  software  can  manage  IPv6  Layer  2  and  Layer  3  devices. 

Cisco  Network  Analysis  Module 

Cisco 

Supports  IPv6 

Blade  that  sits  in  Cisco  switches  reports  on  IPv6  traffic  Dows. 

Cisco  Network  Registrar 

Cisco 

Supports  IPv6 

This  DNS/DHCP  service  has  offered  IPv6  support  for  a  year. 

EMC  Smarts  IP  Availability 
Manager 

EMC 

Extension  for  IPv6  is  first  step 
in  IPv6  support 

EMC  is  developing  IPv6  support  for  Network  Protocol  Manager,  Multicast  Manager  and 
MPLS  Manager. 

OpenView  Network  Node  Manager 

HP 

Supports  IPv6 

Offers  dynamic  views  for  IPv6. 

IBM  Tivoli  Network  Manager 

IBM 

Due  fourth  quarter  2007 

Will  support  IPv6/IPv4  dual-stack  but  not  tunneling. 

IBM  Tivoli  Netcool/Omnibus 

IBM 

Due  fourth  quarter  2007 

Will  support  IPv6/IPv4  dual-stack  but  not  tunneling. 

NetMRI 

Netcordia 

Due  by  June  2008 

IPv6  support  under  development  for  real-time  network  analytics  appliance. 

Observer 

Network  Instruments 

Released  with  Version  12  in  March 

Implemented  support  for  IPv6  across  entire  application  in  both  software  and  appliances. 

Sniffer  Distributed  &  Portable 

Network  General 

Due  in  2007 

IPv6  enhancements  will  be  available  in  all  products,  limited  IPv6  support  already  available. 

SolidDNS 

InfoWeapons 

Added  IPv6  support  last  fall 

First  DNS  appliance  to  support  IPv4  and  IPv6  running  in  dual-stack  mode. 

Windows  Server  2008  DHCP 

Microsoft 

Supports  IPv6 

Supports  stateless  and  stateful  configuration. 

Management 

continued  from  page  1 

management  software  to  handle 
IPv6  leaves  networks  that  are 
moving  to  the  new  standard 
vulnerable  to  attack. 

With  new  technology  like  IPv6, 
“you’re  much  more  vulnerable  to 
attacks  or  to  malicious  attempts 
to  disrupt  your  network,  and  the 
ability  to  analyze  those  attacks 
when  they  happen  is  really 
important,”  he  says. 

Experts  say  the  need  for  net¬ 
work  monitoring  and  manage¬ 
ment  tools  for  IPv6  is  greater  than 
tools  for  today’s  IPv4  networks  for 
several  reasons: 

•  Networks  will  become  more 
complicated  because  they  will 
run  IPv4  and  IPv6  side  by  side  for 
years  during  the  transition  from 
one  standard  to  the  other. 

•  IPv6  lets  network  managers 
directly  address  more  network 
devices  than  ever  before,  which 
will  lead  to  larger  networks. 

•  IPv6  addresses  are  longer  and 
more  cumbersome  to  display  and 
store  in  network  management 
applications. 

•  IPv6  packet  headers  are 
larger,  and  there  are  more  of 
them,  which  is  a  challenge  for 
network  management  and 
monitoring  tools. 

•  New  IPv6  features,  such  as 
end-to-end  security  will  make  it 
harder  to  monitor  packets  for  net¬ 
work  traffic  analysis. 

That’s  why  it’s  critical  that  net¬ 
work  managers  have  tools  to 
monitor  and  manage  IPv6  devices 
and  traffic,  to  analyze  both  net¬ 
work  protocols,  and  to  help  with 
troubleshooting. 
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“We  believe  that  both  security 
and  management  have  to  be  top- 
of-mind  in  any  customer  transi¬ 
tion  to  IPv6,”  says  Dave  West,  direc¬ 
tor  of  field  operations  for  Cisco’s 
Federal  Center  of  Excellence.“You 
have  to  be  able  to  manage 
devices  and  visualize  the  flows.” 

The  tools  to  do  this  aren’t  avail¬ 
able  today,  and  it’s  unclear 
whether  enough  IPv6-ready  net¬ 
work-management  functions  will 
be  available  by  June  2008,  when 
U.S.  federal  agencies  are  required 
to  turn  on  IPv6  support  in  their 
backbone  networks. 

Network  management  applica¬ 
tions  for  IPv6  are  “still  in  the 
development  phase,”  says  Yanick 
Pouffary,  technology  director  for 
the  North  American  IPv6  Task 
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Force  and  an  IPv6  Forum  fellow. 
“Everybody  is  targeting  the  fed¬ 
eral  agencies  and  the  timeline 
that  is  in  the  Office  of  Man¬ 
agement  and  Budget  mandate.” 

“You’re  not  going  to  find  IPv4-to- 
IPv6  parity  if  you  look  across  the 
board  in  network  management,” 
Cisco’s  West  says.  “We  have  some 
features  now,  and  other  value- 
added  features  will  come  in  time.” 

West  expects  “management 
capabilities  will  mature  as  more 
devices  come  online  to  support 
IPv6.” 

If  these  tools  don’t  become 
available  soon,  network  managers 
run  the  risk  of  having  to  do  twice 
the  work  to  support  IPv4  and  IPv6 
in  dual-stack  networks. 

“It’ll  be  harder  in  the  sense  that 
you  have  two  protocols  to  look 
over,”Summerhill  says.“But  if  man¬ 
agement  systems  come  along  that 
are  capable  of  doing  dual-stack,  it 
won’t  be  that  much  harder” 

Network  managers  will  need 
IPv6-enabled  management  tools 
for  DNS,  address  management, 
traffic  generation,  traffic  analysis, 
troubleshooting  and  application- 
performance  monitoring,  to  name 
a  few  management  tasks. 

These  tools  must  support  the 
whole  family  of  IPv6-related  pro¬ 
tocols  created  by  the  IETpinclud- 
ing  Neighbor  Discovery,  a  mes¬ 
saging  protocol  for  discovering 
neighboring  devices  that  also 
aids  local  connectivity,  routing 
and  configuration. 

“Network  management  tools 
will  need  to  embrace  the  IPv6 
protocols  like  Neighbor  Discovery 


to  be  able  to  manage  the  devices,” 
Fbuffary  says.  “The  network  appli¬ 
ance  needs  to  be  on  an  operating 
system  that  understands  IPv6,  and 
you  have  to  make  sure  that  your 
software  calls  up  IPv6  data  struc¬ 
tures.  . .  .The  bulk  of  the  work  for 
network  tools  is  how  to  display 
that  information.  They’ll  need 
[GUI]  changes.” 

Pouffary  says  network  manage¬ 
ment  tools  need  to  be  upgraded 
to  provide  an  integrated  view  of 
IPv4  and  IPv6  devices  and  traffic. 
“You  want  a  view  of  all  of  your 
network  that  is  integrated,  so  net¬ 
work  managers  can  react  to 
threats  and  manage  devices  re¬ 
gardless  of  whether  they  are  run¬ 
ning  IPv4  or  IPv6,”  she  says. 

Pouffary  says  it’s  important  for 
network  managers  to  make  sure 
the  policies  they  have  for  access¬ 
ing  network  resources  in  IPv4  are 
applied  to  IPv6  with  its  autocon¬ 
figuration  feature  and  end-to-end 
security  model. 

“The  products  that  enforce  your 
policies  need  to  understand  that 
you  have  IPv6  devices  on  your 
network,”  she  says. 

Network  management  applica¬ 
tions  will  need  to  support  IPv4 
and  IPv6  together  in  dual-stack 
mode,  which  is  the  most  common 
type  of  deployment.  Another  im¬ 
portant  feature  is  tunneling,  which 
lets  IPv6  traffic  move  over  an  IPv4 
connection  or  vice  versa. 

“You  need  to  be  able  to  query 
an  IPv6  device  over  an  IPv4  con¬ 
nection,”  Pouffary  says.  “You 
need  to  be  able  to  speak  the  lan¬ 
guage  of  the  device  that  you  are 


talking  to  and  also  understand 
the  transport  plane.” 

Commercial  network-manage¬ 
ment  packages  are  adding  sup¬ 
port  for  IPv6,  but  it  often  is  limited 
to  a  few  key  features  required  for 
initial  deployment.  Even  open 
source  tools  fail  to  provide  full- 
fledged  IPv6  support. 

“There  are  quite  a  few  tools  that 
we  use  for  IPv4  that  do  not  sup¬ 
port  IPv6,”  says  Matt  Davy,  chief 
network  architect  for  Indiana 
University  in  Bloomington. 

Davy  says  the  university’s 
legacy  Juniper  firewalls,  as  well 
as  its  open  source  Snort  and  Bro 
intrusion-detection  systems,  don’t 
provide  thorough  enough  sup¬ 
port  for  IPv6. 

“They  have  some  IPv6  support, 
but  it’s  not  very  good,”  Davy  says. 
“The  tools  that  we  use  to  monitor 
the  network,  seeing  the  state  of 
what’s  up  and  what’s  down,  are 
mostly  open  source  and  things 
that  we  developed,  but  they  don’t 
have  support  for  IPv6.” 

Davy  says  the  situation  is  a 
“pretty  big  problem.  We  have  IPv6 
deployed  pervasively.  We  have 
80,000  data  jacks  that  are  IFV6- 
enabled.and  we  don’t  really  have 
enough  visibility  into  the  traffic." 

Davy  says  the  university  is 
attacking  the  problem  by  upgrad¬ 
ing  to  newer  Juniper  firewalls  and 
intrusion-detection  software  with 
support  for  IPv6. 

“It’s  a  process  of  replacing 
equipment  with  new  equipment 
that  supports  IPv6  and  updating 
the  tools  we’ve  developed  to  sup¬ 
port  it  as  well,”  he  says.  ■ 
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BACKSPIN 


Mark  Gibbs 


Appalled  by  things  legal 


A  couple  of  weeks  ago  in 
this  space  I  was  Astounded 
by  Things  Legal.  Well,  the 
legal  fun  never  seems  to  stop. 

Following  last  week’s 

BackSpin  segment  on  Ameritrade’s  customer  data  leaks, 
Art  Medlar,  from  whom  I  originally  heard  about  the  issue, 
dropped  me  a  note: “Just  got  a  call  from  ...  the  Ameritrade 
privacy  department.  No  new  information,  but  it  seems  like 
someone  there  read  Network  World  and  Slashdot.  Also,  it 
sounded  like  they’re  pretty  seriously  concerned  . . .  they’re 
pretty  certain  that  while  some  addresses  are  leaking  out, 
not  all  of  them  are;  possibly  far  from  all  of  them.” 

Interesting.  So,  Medlar  was  one  of  the  unlucky  few.  I  hope 
Ameritrade  is  really  taking  this  seriously  because  leaking 
even  a  single  customer  address  is  an  appalling  breach  of 
trust.  I  wonder  whether  Ameritrade  will  formally  notify  Art, 
as  the  law  requires? 

Another  previous  BackSpin  topic  that  has  been  updated 
is  the  Julie  Amero  case  (also  mentioned  last  week). The 
latest  news  is  that  a  Superior  Court  judge  overturned 
Amero’s  January  conviction  of  four  counts  of  risk  of  injury 
to  a  minor,  which  could  have  carried  a  40-year  jail  sen¬ 
tence  and  ordered  a  new  trial.  (She  didn’t  force-feed 
them  crack  or  beat  them  with  a  baseball  bat  —  this  is  all 
over  out-of-control  porn  popups  on  a  PC!) 


When  Amero  is  found  not  guilty,  I  sincerely  hope  she 
will  sue  the  school  where  she  worked  for  negligence  or 
whatever  they  can  be  sued  for,  as  well  as  the  assistant 
state’s  attorney,  David  Smith,  for  whatever  the  correct 
legal  term  is  for  being  a  shortcut-taking,  careless  lawyer 
who  doesn’t  give  a  damn  about  justice.  If  ever  there  was 
justification  for  massive  compensation  to  be  awarded, 
this  case  is  it. 

My  final  appointment  with  appallment  is  over  another 
topic  that  won’t  die:  As  you  may  recall,  Sam  Peterson  II 
was  charged  under  a  1979  antihacking  statute  for  “unau¬ 
thorized  use  of  computer  access”  when  he  was  caught 
using  an  unencrypted  Wi-Fi  service  without  authorization. 

Peterson  had  frequently  parked  near  the  Reunion  Street 
Cafe  at  lunchtime  and  got  out  his  laptop  to  check  his  e- 
mail.One  unlucky  day  the  chief  of  police  in  Sparta,  Mich., 
stopped  to  ask  him  what  he  was  doing.  Peterson  innocent¬ 
ly  told  him.  Bad  move:  Did  you  know  that  you  never  have 
to  tell  the  police  what  you’re  doing?  If  there’s  a  real  prob¬ 
lem,  they’ll  let  you  know,  but  if  they  are  just  fishing, you 
should  stay  quiet.  Anyway  the  chief  went  away  researched 
the  law  and  decided  to  prosecute. 

I  wrote  in  my  previous  column  that,  according  to  the 
nice  lady  at  the  Sparta  Police  Department,  the  cafe  owner, 
Donna  May  had  pressed  charges.  When  I  tried  to  speak  to 
May, she  wasn’t  available.  She  returned  my  call  a  couple  of 


days  ago  to  tell  me  she  did  not  press  charges  and  didn’t 
care  if  Peterson,  or  anyone  else,  used  her  Wi-Fi  service.  She 
told  me  that  anyone  is  more  than  welcome  to  use  her  Wi¬ 
Fi,  though  she  would  prefer  that  people  ask  first. 

May  also  told  me  that  the  chief  questioned  Peterson 
because  a  lady  barber  in  the  Varsity  Barber  Shop  had 
noticed  Peterson  repeatedly  sitting  outside  and  notified 
the  police  of  someone  loitering.This  sounds  very  odd. 

May  also  told  me  that  the  police  later  caught  another 
man  doing  the  same  thing  and  called  her.  She  asked  to 
speak  to  him  and  told  him  that  he  should  say  he’d  used 
the  cafe  restroom  and  asked  her  if  he  could  use  her  Wi-Fi 
from  his  car. The  man  told  this  to  the  policeman,  who  was, 
according  to  May  rather  annoyed  and  said  that  they 
wouldn’t  refer  such  cases  to  May  in  the  future.  May  replied 
that  would  be  fine,  as  they  hadn’t  done  so  before. 

So  it  appears  that  the  Sparta  police  are  capitalizing  on 
this  ridiculous  Michigan  law  and  trolling  for  people  to 
prosecute  with  the  complicity  of  the  local  prosecutor. This 
is  insane  and  shameful.  If  May  doesn’t  care,  then  tell  me, 
where’s  the  harm  being  done  other  than  to  the  poor  bas¬ 
tards  who  get  snagged  for  the  high-tech  equivalent  of  jay¬ 
walking  and  wind  up  with  a  police  record? 

More  fun?  Spill  the  beans  to  backspin@gibbs.com  or  on 
Gibbsblog.. 
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Readers  get  their  turn  on  the  soapbox 


Paul  McNamara 


It's  been  so  long  since  we've  dipped  into  the  mailbag 
that  I  can’t  even  lift  the  thing.  What  follows  are  a  few 
choice  pieces: 

My  favorite  recent  missive  comes  in  response  to  an  item  about  a  social-engineer¬ 
ing  experiment  that  saw  409  individuals  out  of  some  250,000  click  on  a  Google  ad  that 
read:  “Drive-By  Download  ...  Is  your  PC  virus-free?  . . .  Get  it  infected  here!”  Much 
scorn  was  heaped  upon  the  409.  Reader  John  Huie  is  more  understanding: 

"I'm  shocked  that  more  people  didn't  click  on  it,"  he  writes.  "When  I  was  a  kid,  my 
dad  (who  worked  in  electronics)  built  a  little  black  box  out  of  plastic.  It  was  about  5 
inches  tall  and  maybe  3  inches  wide  and  deep.  It  was  completely  sealed  so  that  it 
couldn't  be  opened. 

“On  top  was  a  little  red  button  that  was  labeled  ‘Do  not  press.’  If  someone  pressed 
the  button,  it  would  begin  beeping  loudly,  and  there  was  no  way  to  turn  it  off  unless 
you  put  a  magnet  up  to  the  bottom. 

"He  would  put  this  thing  in  the  bathroom  in  a  drawer,  or  under  the  sink,  or  in  the 
medicine  cabinet.  It  was  amazing  how  many  times  guests  would  come  over  to  the 
house  and  go  to  use  the  restroom,  and  then  we  would  hear  this  beeping  coming 
from  in  there. . . .  People  are  curious." 

My  recent  rant  about  a  spate  of  outages  suffered  at  the  hands  of  Verizon  FiOSTV 
brought  this  contribution  from  a  fellow  who  asked  that  he  remain  anonymous 
because  he  was  once  involved  in  a  FiOS  rollout  and  still  does  work  for  Verizon: 

"I  am  not  surprised  there  are  issues  [with  FiOSTV], They  go  deeper  than  the  out¬ 
ages  you  experienced,”  he  writes.  "The  FiOS  project  was  a  marketing  initiative. They 
controlled  the  time  line  and  the  budget.  Marketing  did  not  understand  the  complexi¬ 
ties  of  integrating  cable  systems  with  their  own  proprietary  telephony  systems  or 
the  differing  regulatory  requirements. 

"Some  business  units  were  virtually  excluded  from  the  process.  IT  was  given  very 

tie  input  into  the  decision-making  process  and  when  they  did,  they  made  very  hur¬ 


ried  decisions  without  sufficient  research. 

"Verizon  will  continue  to  throw  money  at  the  system  until  it  is  stable,  but  their 
bureaucracy  and  lack  of  decision  makers  with  a  view  of  the  big  picture  will  make 
this  process  much  more  expensive  than  it  needs  to  be.  Verizon  is  a  good  company. 
They  have  just  grown  their  bureaucracy  and  become  so  inbred,  they  are  not  very 
innovative." 

Another  reader  offered  his  view  as  aVerizon  customer,  who  would  appreciate  a 
more  personal  variety  of  service. 

“Wow,  you  actually  got  to  speak  to  a  real  individual  at  Verizon!”  writes  Ed  Jenkins. 
“My  voice-recognition  customer  service  representative  would  be  jealous!" 

In  writing  about  a  study  by  the  Centers  for  Disease  Control  that  shows  more  peo¬ 
ple  ditching  their  landlines  to  go  mobile-only,  I  asked  “what  a  telephone-usage  study 
has  to  do  with  disease  control  and  prevention."  It  was  not  meant  as  a  serious  ques¬ 
tion,  but  a  number  of  readers  offered  serious  answers: 

“Quite  some  time  ago  I  took  part  in  a  CDC  study  about  cell  phone  use  in  rural 
healthcare  environments,"  writes  Howard  Stewart.  "Some  of  the  CDC  concerns 
were  with  public  health  alert  notifications  and  the  effectiveness  of  911  in  a  cellular 
environment.  In  our  area  the  all-mobile  scenario  is  still  rare. ...  So  the  CDC  is  try¬ 
ing  to  get  a  handle  on  the  wireless  world  and  what  changes  they  need  to  advocate  to 
take  advantage  of  technology  and  changes  in  communication  practices.” 

Finally,  we  have  a  reply  to  an  item  about  Microsoft  taking  heat  yet  again  —  this 
time  from  a  user  who  ignored  an  explicit  warning  when  installing  a  BIOS  . . .  and 
then  wanted  to  blame  Microsoft  for  the  trouble  that  ensued. 

“It’s  nobody's  fault  but  the  user,”  Jim  Lloyd  writes.  "And  we  need  to  quit  blaming 
Microsoft  for  everything  that  happens  to  us,  period.  I  am  not  a  big  fan  of  their  prac¬ 
tices  but  this  is  ridiculous.” 

Feel  free  to  send  more  now  that  there 's  room  in  the  box.  The  address  is  buzz@nww.  com. 
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Avocent  builds  hardware  and  software  to  access,  manage  and  control  any  IT  asset 
in  your  data  center,  online  or  offline,  keeping  it,  and  your  business,  “always  on”. 
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Visit  us  on  our  Remote  Control  Tour,  For  locations  near  you,  go  to 

Www.avocent.com/remotecontrol. 


The  Power  of  Being  There. 


Avocenl  the  Avocont  logo.  The  Pov/er  of  Being  Theie  aie  trademarks  or  registered  trademarks  : 
ol  Avocent  Corporation  01  Its  affiliates  All  older  trademarks  or  company  names  are 
trademarks  or  registered  trademarks  ot  then  respective  companies. 
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IT’S  ABOUT  ACCURATELY 
MANAGING  POWER. 
MORE  OR  LESS. 


Xeon 

inside ~ 


Dual-core. 


Do  more. 


More  power  or  less  power?  You  think  you  know  how  much  power  your  server  needs,  but  in  reality  you  may  not.  So  you  guess  and 
hope  you're  right.  Those  days  are  over.  IBM  System  x3550  Express  with  PowerExecutive™  enables  you  to  see  your  power  needs 
more  clearly.  So  you  can  use  power  more  efficiently.  On  top  of  all  this,  it  helps  increase  your  productivity  and  manageability. 
IBM  System  x3550  Express  with  PowerExecutive  and  Dual-Core  Intel®  Xeon®  Processors.  Innovation  comes  standard. 

IBM  System  x3550  Express 

For  optimal  application  computing,  helps  address  the  need  for  lower  energy  costs  and  higher  performance. 


Featuring  up  to  two  Dual-Core  Intel®  Xeon®  Processors  5160  or 
Quad-Core  Intel  Xeon  Processors  X5355 
Up  to  48GB  667  MHz  high-performance  memory 
Up  to  293.6GB  hot-swap  SAS  or  up  to  1.5TB  simple-swap  SATA  storage 

Limited  warranty:  3  years  on-site1 

From  $1,999*  or  $53/month2 


IBM  System  Storage™  DS3200 
From  $4,495* 

IBM  Financing  Advantage  only  $116/month 


3  Gbps  Serial  Attached  SCSI  (SAS)  interface  technology 
Easy  to  deploy  and  manage  with  the  DS3000  Storage  Manager 
Scalable  up  to  3.6TB  of  storage  capacity  with  300GB  hot-swappable  SAS  disks 
Expandable  by  attaching  up  to  three  EXP3000s,  a  total  of  up  to  14.4TB  of 
storage  capacity 

Limited  warranty:  up  to  3  years  on-site’ 


IBM  System  x3400  Express 

From  $1,309* 

IBM  Financing  Advantage  only  $35/month2 

Up  to  two  Dual-Core  Intel®  Xeon®  Processors  5130  or 

Quad-Core  Intel  Xeon  Processor  E5320 

Up  to  32GB  667  MHz  high-performance  memory 

Up  to  2.4TB  hot-swap  SAS  or  4.0TB  hot-swap  SATA  storage 

IBM  Director  and  Predictive  Failure  Analysis®  monitor  and  help  identify 

problems  on  processors,  memory,  hard  disk  drives,  VRM  and  power  supplies 

Limited  warranty:  up  to  3  years  on-site1 


Special  Offers  from  IBM  Express  Servers  and  Storage ™ 

Check  out  our  latest  offers.  (And  they  really  are  our  latest  offers.)  All  are  designed  to  help  you  save  money  and  get  the  most  from 
your  IT  investment.  Learn  more  at: 


ibm.com/systems/innovate20  i  866-872-3902  mention  6N7AH14A 
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*AII  prices  are  IBM's  estimated  retail  selling  prices  as  of  March  19. 2007.  Prices  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  to  end  users  may  vary.  Products  are  subject  to  availability.  This 
document  was  developed  for  offerings  in  the  United  States.  IBM  may  not  otter  theproducts,  features  or  services  discussed  in  this  document  in  other  countries.  Prices  subject  to  change  without  notice.  Starting  price  may  riot  include  a  hard 
cove,  operating  system  or  other  features.  Contact  your  IBM  representative  or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geography.  'IBM  hardware  products  are  manufactured  from  new  parts,  or  new  and  serviceable  used 
parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  of  applicable  product  warranties,  visit:  ibm.com/servers/support/machine_warrantiesorwrite  to:  Warranty  Information.  P.0.  Box  12195,  RTP.  NC  27709,  Attn:  Dept.  JDJA/B203.  IBM 
makes  no  representation  or  warranty  regarding  third-party  products  or  services,  including  those  designated  as  ServerProven  or  ClusterProven.  Telephone  support  may  be  subject  to  additional  charges.  For  on-site  labor,  IBM  will  attempt 
to  diagnose  arid  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  for  selected  components.  ‘IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  the  United  States  and  othei 
IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers,  Monthly  payments  provided  are  tor  planning  purposes  only  and  may  vary  based  on  your' credit  and  other  (actors.  Lease  otter  provided  is 
based  on  a  FMV  lease  ot  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice.  Information  about  non-IBM  products  is  obtained  from  the  manufacturers 
‘ ;se  products  or  their  published  announcements.  IBM  has  not  tested  ttiose  products  and  cannot  confirm  the  performance,  compatibility,  or  any  other  claims  related  to  non-IBM  products.  Questions  on  the  capabilities  ot  non-IBM 
products  should  be  addressed  to  the  suppliers  of  those  products.  MB.  GB,  and  TB  =  1,000,000, 1.000.000.000  and  f  .000,000,000,000  bytes,  respectively,  when  referring  to  storage  capacity.  Accessible  capacity  is  less;  up  to  3GB  is 
used  in  service  partition.  Actual  storage  capacity  will  vary  based  upon  many  (actors  and  may  be  less  than  stated.  Some  numbers  given  for  storage  capacities  give  capacity  in  native  mode  followed  by  capacity  using  data  compression 
;>  siinciogy.  Maximum  internal  hard  disk  and  memory  capacities  may  require  the  replacement  of  any  standard  hard  drives  and/or  memory  arid  the  population  ot  all  hard  disk  bays  and  memory  slots  with  the  largest  currently  supported 
: ;  ivss  available  IBM.  the  IBM  logo,  PowerExecutive,  Predictive  Failure  Analysis  and  Express  Servers  and  Storage  are  trademarks  or  registered  trademarks  ot  International  Business  Machines  Corporation  in  the  United  States  and/or 
countries.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  Intel  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and 
"ivice  names  may  be  trademarks  or  service  marks  of  others.  ©  2007  IBM  Corporation.  All  rights  reserved. 


